Re: [mod-security-users] PCRE limits exceeded
Brought to you by:
victorhora,
zimmerletw
From: Sean O'S. <dit...@ho...> - 2012-01-16 15:27:08
|
Hi Breno Thanks for the explanation. I did the compile with the pcre options, make && make install but its still happening. I have a log excerpt below. Once I put the server back inline I got hundreds of the errors, all relating to line 58 in the sqli rules, rule 950901. Is there something I'm missing? Is this error disruptive, i.e. is the session killed when the error happens? Thanks Breno. Message: Rule 7f70d2b9db20 [id "950901"][file "/etc/apache2/modsecurity_crs/modsecurity_crs_41_sql_injection_attacks.conf"][line "58"] - Execution error - PCRE limits exceeded (-8): (null). Sean Date: Mon, 16 Jan 2012 08:38:35 -0600 Subject: Re: [mod-security-users] PCRE limits exceeded From: bre...@gm... To: dit...@ho... CC: mod...@li... Hi Sean, In modsec 2.6 we do not enable it by default. Try to compile : ./configure --enable-pcre-match-limit=10000 --enable-pcre-match-limit-recursion=10000 Breno On Mon, Jan 16, 2012 at 8:21 AM, Sean O'Sullivan <dit...@ho...> wrote: Hi all, Sorry to bring this topic up again, its all over google, but I upgraded modsec from 2.6 to 2.6.3 this morning and have been getting a lot of PCRE limits exceeded errors with modsecurity_crs_41_sql_injection_attacks.conf line 58. These were not happening before the upgrade. I am using the 2.2.3 ruleset. I created a new file which contains the SecPcreMatchLimit and SecPcreMatchLimitRecursion settings and no matter how large I create the limits I am still see the errors. I have increased them from 5000 to 1500000 (just for testing) and still see the errors. Am I missing something else? Thanks in advance all. Sean ------------------------------------------------------------------------------ RSA(R) Conference 2012 Mar 27 - Feb 2 Save $400 by Jan. 27 Register now! http://p.sf.net/sfu/rsa-sfdev2dev2 _______________________________________________ mod-security-users mailing list mod...@li... https://lists.sourceforge.net/lists/listinfo/mod-security-users Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs: http://www.modsecurity.org/projects/commercial/rules/ http://www.modsecurity.org/projects/commercial/support/ |