[mod-security-users] ipMatchFromFile vs RBL performance
Brought to you by:
victorhora,
zimmerletw
From: Robert M. M. <rm...@is...> - 2014-11-15 17:19:21
|
Hi all, I have an IP/CIDR blacklist of over 35,000 entries (over 500KB) and I'm currently using ipMatchFromFile. At the moment I'm using ipMatchFromFile, but I'm wondering if it would be better to run a local (on the lan) RBL list. Certainly it would reduce the memory footprint of Apache a bit, but how do they two options compare as far as lookup speed is concerned? And on a related note... when using ipMatchFromFile, will modsecurity notice a change in the data file and reload it automatically or is it necessary to restart apache? Thanks, Mark |