Re: [mod-security-users] modsecurity causing IIS Applicaiton pool to crash
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [mod-security-users] modsecurity causing IIS Applicaiton pool to crash
|
From: Qiushi W. <ddt...@ou...> - 2013-04-01 09:37:03
|
Hi Greg, When I looked back at this today, I found it was interesting. 1. I moved the audit log to other directories, e.g. "C:\inetpub\modsecurity\logs" or "C:\Temp\modsecurity\logs", if I did not grant IIS user permisson to it, I would get Application error "failed to open" the audit log file( but IIS Applicaiton pool would not crash). After granting the proper permission, the error went away. 2. Only when I moved the audit log to "C:\inetpub\logs\modsecurity\", no matter if the permission was granted or not I would got the same Application error as I submitted on Mar 18th. And IIS Applicaiton pool would also crash. Br, Mark From: ddt...@ou... To: gwr...@ho...; mod...@li... Date: Tue, 19 Mar 2013 17:34:01 +0800 Subject: Re: [mod-security-users] modsecurity causing IIS Applicaiton pool to crash Thanks for your hints. Looks like the issue resolved when granting the log directory with proper permissions. Br, Mark From: gwr...@ho... To: mod...@li... Date: Tue, 19 Mar 2013 00:16:30 -0700 Subject: Re: [mod-security-users] modsecurity causing IIS Applicaiton pool to crash It's hard to tell without the crash dump, but I found a crash in the sample place caused by the audit log. Could you make sure that the audit log directory has proper permissions, or change its location? I will try to reproduce this problem as well. Greg > Date: Mon, 18 Mar 2013 11:30:14 +0800 > From: Qiushi Wang <ddt...@ou...> > Subject: [mod-security-users] modsecurity causing IIS Applicaiton pool > to crash > To: "mod...@li..." > <mod...@li...> > Message-ID: <BAY...@ph...l> > Content-Type: text/plain; charset="gb2312" > > Hi, > > I'm using Modsecurity 2.7.2 with Windows server 2008 R2 64bit/IIS 7.5/Mysql 5.6/PHP 5.4/Fastcgi/Wordpress. When disabling Modsecurity, everything is OK. When enabling Modsecurity, the application pool crashes. I saw you fixed a modsecurity.dll issue in 2.7.1. But now is libapr-1.dll in 2.7.2. Any idea this is a bug or my config issue? I attached web.config and modsec config files. > > Application error: > Faulting application name: w3wp.exe, version: 7.5.7601.17514, time stamp: 0x4ce7afa2 > Faulting module name: libapr-1.dll, version: 1.4.6.0, time stamp: 0x502f86ed > Exception code: 0xc0000005 > Fault offset: 0x0000000000004e21 > Faulting process id: 0xb68 > Faulting application start time: 0x01ce238423787a3e > Faulting application path: c:\windows\system32\inetsrv\w3wp.exe > Faulting module path: C:\Windows\system32\inetsrv\libapr-1.dll > Report Id: 613f3441-8f77-11e2-86f6-005056b85fd5 > > Br, > Mark > > -------------- next part -------------- > An HTML attachment was scrubbed... > -------------- next part -------------- > A non-text attachment was scrubbed... > Name: web.config > Type: application/octet-stream > Size: 363 bytes > Desc: not available > -------------- next part -------------- > An embedded and charset-unspecified text was scrubbed... > Name: modsecurity.conf ------------------------------------------------------------------------------ Everyone hates slow websites. So do we. Make your web apps faster with AppDynamics Download AppDynamics Lite for free today: http://p.sf.net/sfu/appdyn_d2d_mar _______________________________________________ mod-security-users mailing list mod...@li... https://lists.sourceforge.net/lists/listinfo/mod-security-users Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs: http://www.modsecurity.org/projects/commercial/rules/ http://www.modsecurity.org/projects/commercial/support/ ------------------------------------------------------------------------------ Everyone hates slow websites. So do we. Make your web apps faster with AppDynamics Download AppDynamics Lite for free today: http://p.sf.net/sfu/appdyn_d2d_mar _______________________________________________ mod-security-users mailing list mod...@li... https://lists.sourceforge.net/lists/listinfo/mod-security-users Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs: http://www.modsecurity.org/projects/commercial/rules/ http://www.modsecurity.org/projects/commercial/support/ |
