Closed
Description
After installing the latest nginx module (2.7.3), under high load the nginx process blocks and stops responding to requests (maybe when the backend responds longer than usual).
Here is the backtrace:
#0 0x000000000041fecc in ngx_event_pipe_write_to_downstream (p=0x2b40a30,
    do_write=45353568) at src/event/ngx_event_pipe.c:551
#1 ngx_event_pipe (p=0x2b40a30, do_write=45353568)
    at src/event/ngx_event_pipe.c:33
#2 0x00000000004453b0 in ngx_http_upstream_process_upstream (r=0x2af7010,
    u=0x2aefe20) at src/http/ngx_http_upstream.c:2947
#3 0x00000000004454c2 in ngx_http_upstream_handler (ev=0x2b33fe0)
    at src/http/ngx_http_upstream.c:956
#4 0x000000000041e606 in ngx_event_process_posted (
    cycle=<value optimized out>, posted=0x2b40a60)
    at src/event/ngx_event_posted.c:40
#5 0x000000000041e4d6 in ngx_process_events_and_timers (cycle=0x19c1230)
    at src/event/ngx_event.c:274
#6 0x000000000042417a in ngx_worker_process_cycle (cycle=0x19c1230,
    data=<value optimized out>) at src/os/unix/ngx_process_cycle.c:807
#7 0x0000000000422a9c in ngx_spawn_process (cycle=0x19c1230,
    proc=0x4240a7 <ngx_worker_process_cycle>, data=<value optimized out>,
    name=0x5df196 "worker process", respawn=-3)
    at src/os/unix/ngx_process.c:198
#8 0x00000000004236e2 in ngx_start_worker_processes (cycle=0x19c1230, n=8,
    type=-3) at src/os/unix/ngx_process_cycle.c:362
#9 0x000000000042469b in ngx_master_process_cycle (cycle=0x19c1230)
    at src/os/unix/ngx_process_cycle.c:136
    argv=<value optimized out>) at src/core/nginx.c:412
(gdb)
Commenting out ngx_http_modsecurity_header/filter/ngx_http_modsecurity_body_filter resolves the problem.
Sample config:
server {
    ...
    ModSecurityEnabled on;
    ModSecurityConfig /etc/modsecurity.conf;
    location / {
        proxy_pass http://backend;
    }
}
OWASP-CRS base rules used with default modsecurity.conf and some features disabled:
SecRequestBodyAccess On
SecResponseBodyAccess Off
SecDefaultAction "phase:2,deny"
SecRuleEngine On
SecPcreMatchLimit 5000
SecPcreMatchLimitRecursion 5000
SecAuditEngine Off