Re: [mod-security-users] Performance using ModSecurity with Apache 1.3.x
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [mod-security-users] Performance using ModSecurity with Apache 1.3.x
|
From: K. C. L. <li...@la...> - 2005-12-16 19:24:53
|
On Fri, 16 Dec 2005, Ivan Ristic wrote: > In my experience symptoms like the ones you reported occur > when the web server experiences very high load (with or without > ModSecurity). Since running ModSecurity requires additional resources > it may be that it's what tipped the system over the edge so to speak. Our web server is indeed subjected to quite high load from time to time. I have just compiled mod_security with Apache v1.3.34 and the high CPU on one Apache instance occurred about an hour into the restart. Below is a section of ps showing that PID 29759 was continuously running: 29755 ? S 0:00 /usr/local/apache/bin/httpsd 29756 ? S 0:00 /usr/local/apache/bin/gcache 505 /usr/local/apache/logs/gcache_port 29757 ? S 1:08 /usr/local/apache/bin/httpsd 29758 ? S 0:52 /usr/local/apache/bin/httpsd 29759 ? R 7:18 /usr/local/apache/bin/httpsd 29760 ? S 0:49 /usr/local/apache/bin/httpsd 29761 ? S 0:56 /usr/local/apache/bin/httpsd 29762 ? S 1:04 /usr/local/apache/bin/httpsd 29763 ? S 1:33 /usr/local/apache/bin/httpsd 29764 ? S 0:43 /usr/local/apache/bin/httpsd 29765 ? S 1:43 /usr/local/apache/bin/httpsd 29766 ? S 0:50 /usr/local/apache/bin/httpsd 29768 ? S 1:21 /usr/local/apache/bin/httpsd 29771 ? S 1:34 /usr/local/apache/bin/httpsd ruby:~# /usr/local/apache/bin/httpsd -l Compiled-in modules: http_core.c mod_env.c mod_log_config.c mod_mime.c mod_negotiation.c mod_status.c mod_include.c mod_autoindex.c mod_dir.c mod_cgi.c mod_asis.c mod_imap.c mod_actions.c mod_userdir.c mod_alias.c mod_rewrite.c mod_access.c mod_auth.c mod_setenvif.c apache_ssl.c mod_php4.c mod_security.c suexec: enabled; valid wrapper /usr/local/apache/bin/suexec Apart from reducing the high load, are there anything that could be done to rectify the problem? Regards, Kwong Li London |
