[Owasp-modsecurity-core-rule-set] Performance issues
rm4dillo at gmail.com
Mon Oct 24 14:30:09 EDT 2011
I recently installed ModSecurity with CRS 2.2.2 (base rules only, paranoid
mode set to off and SecResponseBodyAccess to off too) on a high traffic
server and the CPU usage almost reached 100% while it's usually around 2 to
5% and I have no errors.
By disabling mod_security_crs_4* rules (generic, xss, sqli) it's way
better but not really useful :).
Any clues? Does someone benchmark the rules before every release?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Owasp-modsecurity-core-rule-set