Open wfjsw opened 2 years ago
Hi @wfjsw, there is a new CI workflow test in this repository. Could you pick up the modifications to enable run those tests? Thanks!
@airween @wfjsw I wonder if multi threading is at least the partial answer to fix the long known problem of ModSecurity+nginx being a performance killer for throughput.
I no longer have a ModSecurity install on my machine so I'm unable to investigate further :(
Re performance issue: From the CPU loads it still seems heavy. I'd say there is real computing constraint in WAF. (Or it might be a problem caused by PCRE2. Who knows)
This PR is created to describe my patch to fix #227 and it is by no means a complete patch ready for merge.
The patch contains several unrelated changes, namely:
dd
tongx_log_error
to accomodate my own debugging needngx_http_modsecurity_pcre_malloc_init
andngx_http_modsecurity_pcre_malloc_done
. They are not used in my configuration where PCRE2 is used, and it looks suspicious for SEGVs so I commented them out as a precaution.NGX_OK
in logging handler? Changed toNGX_DECLINED
.Not yet implemented:
NGX_THREADS
guard for Nginx setup without threading support.Currently it passes all test suites and performs well in production.
Benchmarking is welcomed.