Hope you can shed light on the problem bellow: even after setting the SecCollectionTimeout , we are still experiencing this exception. Will this problem create security bridge (rules not being execute)? Any workaround or configuration change that can help?
While doing some testing (Aquentix scanner) I found those error in the debug log:
 Failed to write to DBM file "/tmp//default_SESSION": No space left on device
 Failed deleting collection (name "SESSION", key "CC791FED480BCE6742BEA0BB65BDF625.uat_be-p02"): Internal error
 Failed deleting collection (name "SESSION", key "EFB48BA305B3614269ED724D1221BDB1.uat_be-s01"): Internal error
The root partition on that box is only 9% used and size of the partition is 67GB. But when I ls –lah the size of the file is 232GB ??
-rw-r----- 1 wwwrun www 17M Sep 11 10:42 default_SESSION.dir
-rw-r----- 1 wwwrun www 232G Sep 11 10:44 default_SESSION.pag
Now, I know that default for SecCollectionTimeout is 3600s, but is that timer from the creation of the session? We have tomcat’s at the backend and the session timeout is 30min, but it gets reset on the next subsequent transaction for that session. So, not sure how to set this correctly.
Environment: Modsecurity is 2.6.7 and CRS is 2.5.5
Thanks in advance,