Hello Alexandre,

Could you send your audit.log , debug.log and error.log ?



On Thu, May 23, 2013 at 7:37 PM, Alexandre Biancalana <biancalana@gmail.com> wrote:
Hi list,

  After update my mod_security from 2.6.7 to 2.7.3 and now I'm facing a very weird behavior.

 Using the same ruleset (owasp-crs 2.2.5) and configuration, the request time to process the same POST goes from
 0m1.575s (using ver 2.6.7) to 1m36.455s (using ver 2.7.3) ! 
 Looking at audit log I have the impression that rules are being evaluated in loop when running version 2.7.3, the audit file is 140k lines long against 99 lines when using 2.6.7.

 I've read the changelog and release notes from 2.6.7 to 2.7.3 and canīt find anything that could explain this behavior.

 Did someone faced something like that ?


Try New Relic Now & We'll Send You this Cool Shirt
New Relic is the only SaaS-based application performance monitoring service
that delivers powerful full stack analytics. Optimize and monitor your
browser, app, & servers with just a few lines of code. Try New Relic
and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_may
mod-security-users mailing list
Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs: