Return-Path: Delivered-To: apmail-httpd-users-archive@www.apache.org Received: (qmail 48961 invoked from network); 29 May 2007 22:26:02 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 29 May 2007 22:26:02 -0000 Received: (qmail 31931 invoked by uid 500); 29 May 2007 22:25:56 -0000 Delivered-To: apmail-httpd-users-archive@httpd.apache.org Received: (qmail 31922 invoked by uid 500); 29 May 2007 22:25:56 -0000 Mailing-List: contact users-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: users@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list users@httpd.apache.org Received: (qmail 31911 invoked by uid 99); 29 May 2007 22:25:56 -0000 Received: from herse.apache.org (HELO herse.apache.org) (140.211.11.133) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 29 May 2007 15:25:56 -0700 X-ASF-Spam-Status: No, hits=0.0 required=10.0 tests= X-Spam-Check-By: apache.org Received-SPF: neutral (herse.apache.org: local policy) Received: from [80.229.52.226] (HELO munin.local) (80.229.52.226) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 29 May 2007 15:25:51 -0700 Received: from [127.0.0.1] (localhost [127.0.0.1]) by munin.local (Postfix) with ESMTP id 222DE184FDD for ; Tue, 29 May 2007 23:24:51 +0100 (BST) Mime-Version: 1.0 (Apple Message framework v752.3) In-Reply-To: <465C9B9C.1050800@perkel.com> References: <465C9B9C.1050800@perkel.com> Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Message-Id: <7E51544A-18FF-4CC7-A4D1-3A0E5B0AF154@webthing.com> Content-Transfer-Encoding: 7bit From: Nick Kew Date: Tue, 29 May 2007 23:24:49 +0100 To: users@httpd.apache.org X-Mailer: Apple Mail (2.752.3) X-Virus-Checked: Checked by ClamAV on apache.org Subject: Re: [users@httpd] mod_security and system load On 29 May 2007, at 22:31, Marc Perkel wrote: > I'm running FC6 and added mod_security using the default rule set > and the load level on the system is about 5 times higher than > without it. I'm wondering what rule sets I might disable that would > give me some security without slowing the server down to a crawl. > Could use some practical advice. What are you protecting? A jump that big suggests the possibility that your contents may be predominantly static. In which case, turn mod_security off! The really big performance hit with mod_security is if you scan request and/or response bodies with it. And I can't see how you could usefully apply any default ruleset to that. -- Nick Kew --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See for more info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org " from the digest: users-digest-unsubscribe@httpd.apache.org For additional commands, e-mail: users-help@httpd.apache.org