On 29 May 2007, at 22:31, Marc Perkel wrote:
I'm running FC6 and added mod_security using the default rule set and the load level on the system is about 5 times higher than without it. I'm wondering what rule sets I might disable that would give me some security without slowing the server down to a crawl. Could use some practical advice.
What are you protecting? A jump that big suggests the possibility that your contents may be predominantly static. In which case, turn mod_security off!
The really big performance hit with mod_security is if you scan requestand/or response bodies with it. And I can't see how you could usefully apply
any default ruleset to that. -- Nick Kew --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|