Hi Abdullah,

Can you share your ModSecurity startup information? It should be in your error_log, something like this:

[...] ModSecurity for Apache/2.7.7 (http://www.modsecurity.org/) configured.
[...] ModSecurity: APR compiled version="1.4.8"; loaded version="1.4.8"
[...] ModSecurity: PCRE compiled version="8.31 "; loaded version="8.31 2012-07-06"
[...] ModSecurity: LUA compiled version="Lua 5.1"
[...] ModSecurity: LIBXML compiled version="2.9.1"

Did you tried to compile it without pcre-jit support? How is your cpu and memory load while performing this request? every request is slow? or just specific ones?

Felipe "Zimmerle" Costa
Security Researcher, SpiderLabs


On May 2, 2014, at 2:37 AM, Abdallah <abdullah.beydoun@gmail.com> wrote:

Abdallah Beydoun <abdullah.beydoun <at> gmail.com> writes:

I have IBM IHS (32 bit) installation on Linux server.

I downloaded mod_security, compiled it successfully and start using the
mod_security2.so file in my IHS server 

I loaded the library file ( so file) inside httpd.conf file. Once I load
it, although I don't define any rule , opening apply application via this
IHS will be extremely slow  and it is taking more that 500 seconds to open
one jsp file.

while, If I comment the loading line /restart IHS server and test my jsp
it is opening  within milliseconds.

file download from site :modsecurity-apache_2.7.7.tar.gz

installation done using the following steps

1- alias gcc='gcc -32'
    export CFLAGS=-m32

$./configure --with-apxs=/HTTPServer/bin/apxs --with-
apr=/HTTPServer/bin/apr-1-config --with-apu=/HTTPServer/bin/apu-1-config --
with-libxml=/usr/local/libxml2_32/bin/xml2-config --with-pcre=/usr/bin/pcre-
config --disable-mlogc CFLAGS=-m32 --prefix=/usr/local/modsec32_01may --
enable-pcre-jit --enable-verbose-output


$make test 
and as root 

#make install 

Kindly any help

Thanks in advance

Appreciate your reply/help as this issue is a showstopper for project Go-


"Accelerate Dev Cycles with Automated Cross-Browser Testing - For FREE
Instantly run your Selenium tests across 300+ browser/OS combos.  Get
unparalleled scalability from the best Selenium testing platform available.
Simple to use. Nothing to install. Get started now for free."
mod-security-users mailing list
Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs:

This transmission may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is strictly prohibited. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format.