Thread: [mod-security-users] modsecurity Performance ?
Brought to you by:
victorhora,
zimmerletw
From: Muralidhar K (S. - C. Chennai. <mur...@ct...> - 2003-12-02 05:02:17
|
All, Has anyone applied modsecurity and observed performance ? Murali Disclaimer: >This message and any attachment(s) contained here are information that is >confidential, proprietary to HCL Technologies and its customers. Contents may be privileged or otherwise protected >by law. The >information is solely intended for the individual or the entity it is addressed to. If you are >not the intended >recipient of this message, you are not authorized to read, forward, >print, retain, >copy or disseminate this message or any part of it. If you >have received >this e-mail in error, please notify the sender immediately by >return e-mail >and delete it from your computer. |
From: Ivan R. <iv...@we...> - 2003-12-02 09:44:45
|
> Has anyone applied modsecurity and observed performance ? I am using mod_security on many servers with no "visible" performance impact. Audit and debug logging are big bottlenecks, you have to be careful with them (there is no reason to use a debug log on a production server). I measured performance impact a while ago and it came to under 10%. In real-life, if you configure mod_security not to pay attention to static resources (images) the performance difference becomes very small as on a typical web site you get many accesses for static resources and only one access for a dynamic web page (which is where mod_security kicks in). I plan to do a comprehensive speed measurement again in the near future. There is another "problem", though. In order to be able to protect applications properly mod_security introduces full request buffering, keeping the whole request body in memory. This increases memory consumption, but there is no other way to do it. Increased memory consumption is only a problem for file upload. With Apache 1 you should turn mod_security off for pages where files are uploaded. Starting with 1.8 (soon), Apache 2 will not suffer from this problem; it will use a temporary file (after a certain memory limit) and will not use memory to store files in (it will still store complete request bodies for other types of requests). -- ModSecurity (http://www.modsecurity.org) [ Open source IDS for Web applications ] |