Trustwave and Cybereason Merge to Form Global MDR Powerhouse for Unparalleled Cybersecurity Value. Learn More
Get access to immediate incident response assistance.
Get access to immediate incident response assistance.
Trustwave and Cybereason Merge to Form Global MDR Powerhouse for Unparalleled Cybersecurity Value. Learn More
Some ModSecurity users like to run really large rule sets, where the number of rules runs into thousands. (No, I don't think ModSecurity should be used with such large rule sets but I'll talk about that some other time.) But there is a problem. Where Apache 2.x relies on PCRE (http://www.pcre.org) for regular expression processing, Apache 1.x uses a much slower internal regex library. And when I say much slower I mean several times slower. Slower speed in the Apache 1.x branch is not a problem for normal use but it is a problem when there are many rules to process on every request.
The most recent release of ModSecurity, 1.9.2-rc2, makes it possible to compile ModSecurity against PCRE even if you are an Apache 1.x user, thus gaining the same regex processing speed as the Apache 2.x users.
In other news, it is now also possible to disable process creation through suEXEC (compile with -DDISABLE_SUEXEC).
Trustwave is a globally recognized cybersecurity leader that reduces cyber risk and fortifies organizations against disruptive and damaging cyber threats. Our comprehensive offensive and defensive cybersecurity portfolio detects what others cannot, responds with greater speed and effectiveness, optimizes client investment, and improves security resilience. Learn more about us.
Copyright © 2024 Trustwave Holdings, Inc. All rights reserved.