owasp-modsecurity / ModSecurity

ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis.
https://www.modsecurity.org
Apache License 2.0
8.23k stars 1.61k forks source link

The Loader is too high #864

Closed wangxianwei closed 9 years ago

wangxianwei commented 9 years ago

Hi

we encounted a very serious issue, because we have deployed Nginx as web server, we dont want change the older architecture. so we deploy the modsecurity in Nginx before the older Nginx web server. now in the syetem architecture we have two layer nginx web server. one be used as web firewall, the other is web server. The load in the nginx server use as web firwell is so high that can't be used when there have redirect function in the web application. any advice is very apprecated! if we SET the modsecurity off in the nginx.conf,the issue will disapper and the page can redirect collect.there is no related error log in the Nignx , Modsecurity and tomcat.

Regards, Owen process

zimmerle commented 9 years ago

Hi @wangxianwei are you using the nginx_refactoring branch ?

wangxianwei commented 9 years ago

@zimmerle , Thank you for your reply.The version of the Modsecurity is modsecurity-2.9.0 stable

zimmerle commented 9 years ago

Hi @wangxianwei,

If you can, please try to use this branch:

wangxianwei commented 9 years ago

@zimmerle ,Thank you for you help. This version have solved the problem. and it also can support many servers now. than you!

zimmerle commented 9 years ago

Glad to hear that it is working! thanks for the report.

blackysy commented 9 years ago

@zimmerle https://github.com/SpiderLabs/ModSecurity/tree/nginx_refactoring, ./autogen.sh 。

autoconf --version

autoconf (GNU Autoconf) 2.67

autoreconf --version

autoreconf (GNU Autoconf) 2.67

libtool --version

libtool (GNU libtool) 2.4

libtoolize --version

libtoolize (GNU libtool) 2.4

unzip ModSecurity-nginx_refactoring.zip
cd ModSecurity-nginx_refactoring
./autogen.sh

libtoolize: putting auxiliary files in AC_CONFIG_AUX_DIR, build'. libtoolize: copying filebuild/ltmain.sh' libtoolize: putting macros in AC_CONFIG_MACRO_DIR, build'. libtoolize: copying filebuild/libtool.m4' libtoolize: copying file build/ltoptions.m4' libtoolize: copying filebuild/ltsugar.m4' libtoolize: copying file build/ltversion.m4' libtoolize: copying filebuild/lt~obsolete.m4' alp2/Makefile.am: C objects in subdir but AM_PROG_CC_C_O' not inconfigure.ac' apache2/Makefile.am: C objects in subdir but AM_PROG_CC_C_O' not inconfigure.ac' ext/Makefile.am: C objects in subdir but AM_PROG_CC_C_O' not inconfigure.ac' mlogc/Makefile.am: C objects in subdir but AM_PROG_CC_C_O' not inconfigure.ac' standalone/Makefile.am: C objects in subdir but AM_PROG_CC_C_O' not inconfigure.ac' tests/Makefile.am: C objects in subdir but AM_PROG_CC_C_O' not inconfigure.ac' autoreconf: automake failed with exit status: 1 alp2/Makefile.am: C objects in subdir but AM_PROG_CC_C_O' not inconfigure.ac' apache2/Makefile.am: C objects in subdir but AM_PROG_CC_C_O' not inconfigure.ac' ext/Makefile.am: C objects in subdir but AM_PROG_CC_C_O' not inconfigure.ac' mlogc/Makefile.am: C objects in subdir but AM_PROG_CC_C_O' not inconfigure.ac' standalone/Makefile.am: C objects in subdir but AM_PROG_CC_C_O' not inconfigure.ac' tests/Makefile.am: C objects in subdir but AM_PROG_CC_C_O' not inconfigure.ac'

./configure --enable-standalone-module

…… checking if libxml2 is at least v2.6.29... yes, 2.9.0 configure: using libxml2 v2.9.0 checking for pkg-config... /usr/bin/pkg-config checking pkg-config is at least version 0.9.0... yes checking for liblua config script... no checking for lua install... no configure: optional lua library not found checking for libyajl config script... no checking for yajl install... no configure: optional yajl library not found checking for ssdeep path... no configure: optional ssdeep library not found configure: WARNING: APR util was not compiled with crypto support. SecRemoteRule will not support the parameter 'crypto' configure: creating ./config.status config.status: error: cannot find input file: `Makefile.in'

cannot find input file: `Makefile.in', why?

zimmerle commented 8 years ago

Hi @jameyang Do you have gcc installed?