Re: [mod-security-users] mod-security with IHS web server on linux machines (extremely slow)
Brought to you by:
victorhora,
zimmerletw
From: Felipe C. <FC...@tr...> - 2014-05-12 12:31:04
|
Hi Abdallah, The intention of pcre version verification is to make sure that, both, ModSecurity and Apache are running the same library. The version is a strong indication of that, however, the compilation of those could be made with different compilations flags, or patches. Our recommendation is to really use the same library. You have said that: once you loads ModSecurity your Apache started to answer slowly to your requests, have you used the modsecurity.conf-recommended configuration file? Enabled/Disabled ModSecurity using this configuration? Does it make any difference? During the compilation i've saw that you have used make test, is it "pass" in all tests? how long it takes? There is something else, in your Apache log that may indicates something about the problem? What about ModSecurity debug log? can you enable it and share with us? Can you give more details on your Apache version and other apache modules that you are running? (httpd -V and https -l) Br., Felipe "Zimmerle" Costa Security Researcher, SpiderLabs Trustwave | SMART SECURITY ON DEMAND www.trustwave.com<http://www.trustwave.com/> On May 10, 2014, at 4:53 AM, Abdallah <abd...@gm...<mailto:abd...@gm...>> wrote: Abdallah wrote: 10-may-2014 For PCRE alias gcc='gcc -m32' export CFLAGS=-m32 ./configure --prefix=/usr/local/pcre5.0_32 CFLAGS=-m32 make make test sudo make install For mod_security: alias gcc='gcc -m32' export CFLAGS=-m32 ./configure --with-apxs=/HTTPServer/bin/apxs --with-apr=/HTTPServer/bin/apr- 1-config --with-apu=/HTTPServer/bin/apu-1-config --with- libxml=/usr/local/libxml2_32/bin/xml2-config --with- pcre=/usr/local/pcre5.0_32/bin/pcre-config --disable-mlogc CFLAGS=-m32 -- prefix=/usr/local/modsec32_08may --enable-verbose-output make make test sudo make install Regards Abdallah ------------------------------------------------------------------------------ Is your legacy SCM system holding you back? Join Perforce May 7 to find out: • 3 signs your SCM is hindering your productivity • Requirements for releasing software faster • Expert tips and advice for migrating your SCM now http://p.sf.net/sfu/perforce _______________________________________________ mod-security-users mailing list mod...@li... https://lists.sourceforge.net/lists/listinfo/mod-security-users Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs: http://www.modsecurity.org/projects/commercial/rules/ http://www.modsecurity.org/projects/commercial/support/ ________________________________ This transmission may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is strictly prohibited. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format. |