Re: [mod-security-users] Performance using ModSecurity with Apache 1.3.x
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [mod-security-users] Performance using ModSecurity with Apache 1.3.x
|
From: Ivan R. <iv...@we...> - 2005-12-16 15:23:22
|
K. C. Li wrote: > > That sounds interesting. How does one compile Apache 1.3.x with PCRE > instead of the built-in regex engine please? That's not what I did. I simply changed ModSecurity to use PCRE directly, ignoring the regex library that comes with Apache 1.3.x. > While on the subject of response time, we deployed mod_security on one of > our Apache 1.3.33 servers (PHP-4.4.1, OpenSSL-0.9.8, Apache_SSL and > mmcache-2.4.4) running Linux 2.2.26. It worked well for anything between a > few hours to a day before two, and only two, of the Apache child processes > start eating up CPU time. eg. 45% and 49%. Apache would eventually become > unresponsive and had to be restarted. Recompiling Apache without > mod_security would restore it to it's former steady running state. Any > pointers as what might be causing the high CPU consumption please? Hmmm, yours is the first report to mention ModSecurity malfunctioning like that. (And, for the record, I don't get many bug reports either ;) Is that something that happened to you once, or is it something that happens every time you turn ModSecurity on? Also, which version of ModSecurity did you use? If you are up for it (I am) maybe you can do some of the things listed in the Apache debugging guide: http://httpd.apache.org/dev/debugging.html Starting with strace, for example. > Please see the Apache configuration section of mod_security at the end. > > ... > > SecFilterSelective REQUEST_METHOD "^POST$" chain ^ Another directive is supposed to come after this one. (It's not something that would have brought a process down, though.) -- Ivan Ristic Apache Security (O'Reilly) - http://www.apachesecurity.net Open source web application firewall - http://www.modsecurity.org |
