Are you using some custom ruleset ? or using only CRS ?
Maybe i can copy your configuration/ruleset and try to reproduce, for better investigation



On Wed, Feb 13, 2013 at 12:05 AM, Rainer Jung <> wrote:
On 12.02.2013 22:26, Curtis Wood wrote:
> Hi All,
> We seem to have found a potential issue with mod security - we are using
> cPanel along with Apache 2.2.23/mod_security 2.7.1. We noticed a strange
> issue with Apache last year where it would be getting caught in an
> internal loop with the apr_pool_cleanup routines - essentially trying to
> clear the same pool over and over. Initially it was thought to only be
> with this customers particular website/setup - although recently we saw
> the same issues on our production servers and have verified it is same
> issue.
> We have disabled modsec2 fleet wide (2500+ servers) and the problem has
> ceased to exist at this time. Unfortunately we have no idea what
> triggers this, if it's a particular URL being accessed or what.

Pool cleanup loops typically indicate a corruption in the pool data
structures due to unsynchronized pool use by multiple threads. APR pools
are not thread-safe.



Free Next-Gen Firewall Hardware Offer
Buy your Sophos next-gen firewall before the end March 2013
and get the hardware for free! Learn more.
mod-security-developers mailing list
ModSecurity Services from Trustwave's SpiderLabs: