Since nov. 19 we have a crazy high load when modsec is enabled with the comodo rulset:
The machine seems to write abnormally much on the storage on /tmp, 6 TB in one week:
DA support says this is my problem because they didn't develop the rulset.
I only use the server for tests with 2 active accounts, the server is almost inactive but as soon as a static html page is loaded it blows up my CPUs and it is writes constantly in /tmp.
I somehow can't imagine that I am the only one with this problem, do any of you have such problems?
Currently I have simply disabled the module, but I think I need it for productive operation to prevent wordpress attacks.
I use Apache on CL7 on fast metal with SSD raid, running DA 1.6 RC1 - latest beta with CB 2359
Details:
Code:
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
8758 apache 20 0 5971712 170564 2840 S 599.7 0.3 910:20.11 httpd
8682 apache 20 0 5775076 155780 2440 S 99.7 0.2 119:30.49 httpd
The machine seems to write abnormally much on the storage on /tmp, 6 TB in one week:
Code:
[root@da-dev1 ~]# ls -laht /tmp/
-rw-r----- 1 apache apache 515P Jan 7 15:05 apache-ip.pag
-rw-r----- 1 apache apache 257T Jan 7 13:10 apache-ip.dir
DA support says this is my problem because they didn't develop the rulset.
I only use the server for tests with 2 active accounts, the server is almost inactive but as soon as a static html page is loaded it blows up my CPUs and it is writes constantly in /tmp.
I somehow can't imagine that I am the only one with this problem, do any of you have such problems?
Currently I have simply disabled the module, but I think I need it for productive operation to prevent wordpress attacks.
I use Apache on CL7 on fast metal with SSD raid, running DA 1.6 RC1 - latest beta with CB 2359
Details:
Code:
top - 09:39:04 up 96 days, 18:11, 2 users, load average: 27.11, 25.17, 24.21
Tasks: 391 total, 8 running, 383 sleeping, 0 stopped, 0 zombie
%Cpu(s): 1.3 us, 98.5 sy, 0.2 ni, 0.0 id, 0.0 wa, 0.0 hi, 0.0 si, 0.0 st
KiB Mem : 65775276 total, 1452232 free, 1472936 used, 62850108 buff/cache
KiB Swap: 8388604 total, 4185852 free, 4202752 used. 59621940 avail Mem
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
5757 apache 20 0 5840996 80896 3640 S 700.0 0.1 1236:10 /usr/sbin/httpd -DFOREGROUND
24850 apache 20 0 7478944 1140 1140 S 621.9 0.0 6241:31 /usr/sbin/httpd -DFOREGROUND
6145 apache 20 0 5906536 86712 3492 S 615.6 0.1 1603:05 /usr/sbin/httpd -DFOREGROUND
148 root 20 0 0 0 0 R 90.6 0.0 5780:06 [kswapd0]
149 root 20 0 0 0 0 R 81.2 0.0 5781:37 [kswapd1]
6757 root 20 0 58704 2352 1484 R 28.1 0.0 0:00.22 /usr/bin/top -c -b -n 1
16582 root 30 10 356712 46256 2432 R 6.2 0.1 9:26.42 /opt/alt/python27/bin/python2.7 /usr/share/lve-stats/lvestats-server.py start --pidfile /var/run/lvestats.pid
4314 root 20 0 0 0 0 D 3.1 0.0 0:00.83 [kworker/3:2]
16559 root 30 10 486548 5312 964 S 3.1 0.0 5:11.28 /opt/alt/python27/bin/python2.7 /usr/share/lve-stats/lvestats-server.py start --pidfile /var/run/lvestats.pid
1 root 20 0 191392 2600 1320 S 0.0 0.0 42:10.73 /usr/lib/systemd/systemd --system --deserialize 17
2 root 20 0 0 0 0 S 0.0 0.0 0:13.49 [kthreadd]
3 root 20 0 0 0 0 S 0.0 0.0 2:49.63 [ksoftirqd/0]
5 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 [kworker/0:0H]
8 root rt 0 0 0 0 S 0.0 0.0 5:32.65 [migration/0]
9 root 20 0 0 0 0 S 0.0 0.0 0:00.00 [rcu_bh]
10 root 20 0 0 0 0 R 0.0 0.0 176:24.15 [rcu_sched]
11 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 [lru-add-drain]
12 root rt 0 0 0 0 S 0.0 0.0 0:41.27 [watchdog/0]
13 root rt 0 0 0 0 S 0.0 0.0 0:44.58 [watchdog/1]
14 root rt 0 0 0 0 S 0.0 0.0 5:22.93 [migration/1]
15 root 20 0 0 0 0 S 0.0 0.0 0:46.30 [ksoftirqd/1]
17 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 [kworker/1:0H]
18 root rt 0 0 0 0 S 0.0 0.0 0:35.14 [watchdog/2]
Last edited: