|
From: Breno S. <bre...@gm...> - 2013-02-13 11:55:45
|
Curtis, Are you using some custom ruleset ? or using only CRS ? Maybe i can copy your configuration/ruleset and try to reproduce, for better investigation Thanks Breno On Wed, Feb 13, 2013 at 12:05 AM, Rainer Jung <rai...@ki...>wrote: > On 12.02.2013 22:26, Curtis Wood wrote: > > Hi All, > > > > We seem to have found a potential issue with mod security - we are using > > cPanel along with Apache 2.2.23/mod_security 2.7.1. We noticed a strange > > issue with Apache last year where it would be getting caught in an > > internal loop with the apr_pool_cleanup routines - essentially trying to > > clear the same pool over and over. Initially it was thought to only be > > with this customers particular website/setup - although recently we saw > > the same issues on our production servers and have verified it is same > > issue. > > > > We have disabled modsec2 fleet wide (2500+ servers) and the problem has > > ceased to exist at this time. Unfortunately we have no idea what > > triggers this, if it's a particular URL being accessed or what. > > Pool cleanup loops typically indicate a corruption in the pool data > structures due to unsynchronized pool use by multiple threads. APR pools > are not thread-safe. > > Regards, > > Rainer > > > > ------------------------------------------------------------------------------ > Free Next-Gen Firewall Hardware Offer > Buy your Sophos next-gen firewall before the end March 2013 > and get the hardware for free! Learn more. > http://p.sf.net/sfu/sophos-d2d-feb > _______________________________________________ > mod-security-developers mailing list > mod...@li... > https://lists.sourceforge.net/lists/listinfo/mod-security-developers > ModSecurity Services from Trustwave's SpiderLabs: > https://www.trustwave.com/spiderLabs.php > |
