On 25/03/2010 20:53, Brian Rectanus wrote:
>>
>
> Sounds like you have quite a bit of traffic and not enough RAM. I'd
> first try turning off response inspection and do not enable any of the
> optional CRS rules.
>
> You did not mention...
>
> * How much traffic you get (bandwidth, connections/sec, requests/sec, etc.).
>
> * What rules you have enabled in the CRS (and what CRS version).
>
> * Speed of your CPUs.
>
> * Memory usage without ModSecurity and with normal traffic. If you are
> tight on RAM already, ModSecurity + Full CRS may destroy you, heh.
>
>
> -B
>
Also what Apache MPM module are you using? We used to run out of memory
on our similar setup (V210s Sparc etc.) until we switched to using
worker instead of prefork. Now we usually have 1GB RAM free on each
server. The only downside is having to compile PHP with
enable-maintainer-zts ("I really know what I'm doing" option to enable
thread-safety), but PHP shouldn't really be running on a reverse-proxy
anyway!
Best Wishes,
Chris
--
--+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+-
Christopher Wakelin, c.d...@re...
IT Services Centre, The University of Reading, Tel: +44 (0)118 378 8439
Whiteknights, Reading, RG6 2AF, UK Fax: +44 (0)118 975 3094
|