/
Apache and ModSecurity
Apache and ModSecurity
- Mark Unwin
Created by Mark Unwin
Recently I noticed errors on my Ubuntu 18.04 machine in /var/log/apache2/errors.log that look as below. These may also occur on any other Linux server running Apache and ModSecurity.
[Tue Jan 14 09:58:51.980208 2020] [:error] [pid 8812] [client ::1:48280] [client ::1] ModSecurity: Rule 7f6584a61a50 [id "-"][file "/usr/share/modsecurity-crs/rules/RESPONSE-951-DATA-LEAKAGES-SQL.conf"][line "98"] - Execution error - PCRE limits exceeded (-8): (null). [hostname "localhost"] [uri "/open-audit/index.php/discoveries/26"] [unique_id "Xh0EO9HUUpzELlm@OJLwKwAAAAA"], referer: http://localhost/open-audit/index.php/discoveries/26
These would show multiple times for any requested page.
According to the Atomicorp ModSecurity page here - https://support.atomicorp.com/hc/en-us/articles/360000188468-Rule-execution-error-PCRE-limits-exceeded-8-null- you should increase a couple of limits.
I have edited /etc/modsecurity/modsecurity.conf and set these as recommended below.
SecPcreMatchLimit 250000 SecPcreMatchLimitRecursion 250000
I restarted Apache (sudo systemctl restart apache2) and I have no more warnings in my Apache error log.
, multiple selections available,
Related content
Apache Configuration Items
Apache Configuration Items
More like this
MySQL total number of locks exceeded
MySQL total number of locks exceeded
More like this
Errata - 4.0.1 XSS in SQL debugging output
Errata - 4.0.1 XSS in SQL debugging output
More like this
Errata - 4.2.0, 3.5.0 and onwards util function vulnerability
Errata - 4.2.0, 3.5.0 and onwards util function vulnerability
More like this
Release Notes for Open-AudIT v4.2.0-1
Release Notes for Open-AudIT v4.2.0-1
More like this
Errata - 1.12_2 patch for opConfig
Errata - 1.12_2 patch for opConfig
More like this