На этой странице описаны ошибки модуля ModSecurity под веб-сервером Apache и способы их устранения, а также различные проблемы связанные с использованием Mod_Security
ModSecurity: collections_remove_stale: Failed to access DBM file
Интересная ошибка mod_security, так сразу, с разбега, её локализировать и не получилось…
less /var/log/httpd/error_log|grep remove_stale # or less /var/log/apache2/error.log|grep remove_stale
[Fri Sep 06 01:10:49 2013] [error] [client 199.30.24.132] ModSecurity: collectio
ns_remove_stale: Failed to access DBM file «/tmp//ip»: Permission denied [hostna
me «example.com»] [uri «/fcgi-bin/php-fcgi-wrapper/index.php»] [unique_id «
UijzWF2qgHIAAFki1-0AAAAE»]
[Fri Sep 06 14:03:43 2013] [error] [client 176.137.161.136] ModSecurity: collect
ions_remove_stale: Failed to access DBM file «/tmp//global»: Permission denied [
hostname «example.com»] [uri «/fcgi-bin/php-fcgi-wrapper/index.php»] [uniqu
e_id «Uimofl2qgHIAAFy2SagAAAAF»]
Указание полного пути к каталогу /tmp в директиве SecDataDir и SecTmpDir может и нерешить проблему:
vi /etc/httpd/conf.d/00_mod_security.conf ... SecDataDir /tmp SecTmpDir /tmp
Смена владельца каталога /tmp/ на nobody также недаст желаемого результата. Владельцем каталога /tmp/ по умолчанию является «chown -R root:root /tmp» и правами на выполнение/запись для всех «chmod 0777 /tmp«
Создание отдельного каталога с установкой прав и явным указанием полного пути к каталогу в директиве SecDataDir и SecTmpDir также может нерешить проблему
mkdir /var/log/httpd/mod_security /var/log/httpd/mod_security/data chown -R apache:apache /var/log/httpd/mod_security chmod -R 0777 /var/log/httpd/mod_security vi /etc/httpd/conf.d/00_mod_security.conf
Кому-то якобы помогало решить проблему «ModSecurity: collections_remove_stale: Failed to access DBM file» созданием директории tmp в chroot директории:
# Нужно создать директорию tmp в chroot директории сервера # Обычно это /var/www/ или /var/apache2/ mkdir /var/www/tmp # Установить владельцем каталога, пользователя под которым # изначально запускается сервер, обычно apache или www-data chown -R apache:apache /var/www/tmp # Дать разрешение на выполнение/запись для всех, кроме публичных chmod -R 770 /var/www/tmp # Или создать символьную ссылку (ака Symbolic link) ln -s /tmp /var/www/tmp # Перезапустить сервер apachectl graceful
Собственно решение проблемы в моём случае было такое:
По ошибке «ModSecurity: collections_remove_stale: Failed to access DBM file» есть ещё некоторые размышления, но мне лично они непригодились:
- Increasing ModSecurity Collection Size Limits
Если все хорошо, то ошибки mod_security «ModSecurity: collections_remove_stale: Failed to access DBM file» в логфайлах быть недолжно, а в каталоге /tmp должны быть файлы: global.pag, ip.pag, global.dir и ip.dir
Если в системе установлена SELinux, то нужно попробовать отклюить её:
$ setenforce 0 или $ echo 0 > /selinux/enforce
Если после отключения SELinux проблема решена, значит создадим правило и снова включим SELinux:
$ chcon -R system_u:object_r:httpd_sys_content_t /path/to/modsec_storage $ setenforce 1 или $ echo 1 > /selinux/enforce
Если ничего не помогло, то последнее, что можно сделать это отключить правила связанные со сбором IP: 900050, 900018, 900020, 900021
SecRuleRemoveById not allowed here
[Sun Sep 08 13:30:30 2013] [alert] [client 98.135.221.142] /var/www/public_h
tml/.htaccess: SecRuleRemoveById not allowed here, referer: http://example.
com/index.php
Ошибка mod_security «SecRuleRemoveById not allowed here» возникает только при исполнении PHP файлов, при открытии ХТМЛ файлов эта ошибка обычно не проявляется.
Использование директив mod_security в файле .htaccess разрешено только в том случае, если во время компиляции модуля .htaccess был указан флаг --enable-htaccess-config и если он был действительно указан, то в .htaccess можно будет использовать такие директивы mod_security
- SecAction
- SecRule
- SecRuleRemoveByMsg
- SecRuleRemoveByTag
- SecRuleRemoveById
- SecRuleUpdateActionById
- SecRuleUpdateTargetById
- SecRuleUpdateTargetByTag
- SecRuleUpdateTargetByMsg
На практике большая часть модулей mod_security, доступных из различных репозиториев, компилируется без указания --enable-htaccess-config, например mod_security из репозитория atomic
ModSecurity: Execution error — PCRE limits exceeded
[Fri Sep 06 15:07:59 2013] [error] [client 183.168.233.180] ModSecurity: Rule 7f
8b022e38e8 [id «981256»][file «/etc/httpd/modsecurity.d/activated_rules/modsecur
ity_crs_41_sql_injection_attacks.conf»][line «232»] — Execution error — PCRE lim
its exceeded (-8): (null). [hostname «example.com»] [uri «/forum»] [unique_id «U
im3j12qg3EAABGaVwoAAAAI»]
PCRE (Perl Compatible Regular Expressions) — библиотека, которая реализует работу регулярных выражений в стиле Perl, но с некоторыми отличиями.
Лимит для ModSecurity «PCRE limits» можно изменить следующим образом:
vi /etc/httpd/modsecurity.d/modsecurity.conf # PCRE Tuning # We want to avoid a potential RegEx DoS condition # SecPcreMatchLimit 1000 SecPcreMatchLimitRecursion 1000 apachectl graceful
Изменять лимит ModSecurity «PCRE limits» выше значения по умолчанию нерекомендуется! Значение по умолчанию для SecPcreMatchLimit и SecPcreMatchLimitRecursion = 1500.
Ошибка «ModSecurity: Execution error — PCRE limits exceeded» часто может возникать из-за неправильно составленных правил или например из-за того, что версия правил устаревшая и не соответствует версии самого модуля mod_security.
Другими словами если версия mod_security 2.7.5, а версия правил 2.2.6, то нам явно нужно обновить правила mod_security до версии 2.2.8, здесь читаем список изменений в правилах owasp-modsecurity-crs
После загрузки и распаковки/обновления правил также рекомендуется обновить и modsecurity_crs_10_setup.conf:
wget -O master.zip https://github.com/SpiderLabs/owasp-modsecurity-crs/archive/master.zip unzip master.zip rm master.zip cp -Rf owasp-modsecurity-crs-master/* /etc/httpd/modsecurity.d/ rm -Rf owasp-modsecurity-crs-master cd /etc/httpd/modsecurity.d/ cp modsecurity_crs_10_setup.conf.example modsecurity_crs_10_setup.conf ln -s /etc/httpd/modsecurity.d/modsecurity_crs_10_setup.conf /etc/httpd/modsecurity.d/activated_rules/modsecurity_crs_10_setup.conf for f in `ls base_rules` ; do ln -s /etc/httpd/modsecurity.d/base_rules/$f /etc/httpd/modsecurity.d/activated_rules/$f ; done ls -l activated_rules
Ссылки по теме:
- ModSecurity: Open Source Web Application Firewall — Documentation
- Mod_Security .htaccess tricks
Есть ошибка модуля ModSecurity, но нет решения, тогда пишем в комментарии…
Just about on every request I am getting the following error:
Rule execution error - PCRE limits exceeded (-8): (null).
After a bunch of googling the only solutions seem to be
a) Add the following in your httpd.conf
SecPcreMatchLimit 150000
SecPcreMatchLimitRecursion 150000
b) Add the following to your php.ini
pcre.backtrack_limit = 10000000
pcre.recursion_limit = 10000000
c) Use a version that was compiled with -disable-pcre-match-limit option.
I am running the following:
ModSecurity for Apache/2.5.12 (http://www.modsecurity.org/).
Apache/2.2.16 (Debian) PHP/5.3.3-7+squeeze8 with Suhosin-Patch mod_ssl/2.2.16 OpenSSL/0.9.8
For ModSec my rules, I am using the OWASP ModSecurity Core Rule Set Project version (CRS) version 2.2.3 which is the newest as of this posting.
My httpd.conf consists of essentially:
<IfModule security2_module>
SecUploadDir /var/asl/data/suspicious
SecDataDir /var/asl/data/msa
SecTmpDir /tmp
SecAuditLogStorageDir /var/asl/data/audit
Include modsecurity.d/modsecurity_crs_10_config.conf
Include modsecurity.d/activated_rules/*.conf
SecRuleEngine On
# Debug log
SecDebugLog /var/log/apache2/modsec_debug.log
SecDebugLogLevel 3
# Serial audit log
SecAuditEngine RelevantOnly
SecAuditLogRelevantStatus ^5
SecAuditLogParts ABIFHZ
SecAuditLogType Serial
SecAuditLog /var/log/apache2/modsec_audit.log
SecPcreMatchLimit 150000
SecPcreMatchLimitRecursion 150000
</IfModule>
<IfModule mod_php5.c>
php_admin_flag pcre.backtrack_limit 10000000
php_admin_flag pcre.recursion_limit 10000000
</IfModule>
Of which inside my modsecurity.d directory is just all the default rules CRS has in their install file. I have also set the pcre limits to 150000000 and 100000000000 and more, but to no available.
So in conclusion:
solutions a and b are not working, and I prefer greatly not to do c…as I don’t really understand/like compiling.
Anyone have any other ideas?
Isn’t it irritating to see ‘ModSecurity PCRE limits exceeded’ error?
This error generally occurs when the value of the variables SecPcreMatchLimit and SecPcreMatchLimitRecursion are too low. It can even occur when the server is under a DOS attack too.
At Bobcares, we often receive requests to fix ModSecurity errors as a part of our Server Management Services.
Today, let’s discuss the cause of this error see how our Support Engineers fix it.
What causes ModSecurity PCRE limits exceeded error to occur?
Before heading for the cause of this error, let’s take a look at what PCRE is. And then we shall see what causes this error to occur.
PCRE is abbreviated as Perl Compatible Regular Expressions. The PCRE package contains PCRE libraries. These are useful for implementing regular expression pattern matching using the same syntax and semantics as Perl.
PCRE limits are the settings internal to the PCRE engine. They are used to limit the maximum amount of memory/time spent on trying to match some text to a pattern.
If the PCRE limit is low then it is more difficult to subvert PCRE and the regular expressions to commit DoS attacks. The different PCRE limits include SecPcreMatchLimit, SecPcreMatchLimitRecursion, pcre.backtrack_limit, and pcre.recursion_limit.
The default value set for this limit is 10 million. In case, if a proper value is not provided then the ModSecurity will throw an error.
These limits are the major cause for this error to occur. This can be an aftereffect of complex Modsecurity rules. The content may be so complex that the WAF stops doing too much work which could lead to a DOS attack on the system itself. Additionally, the error can display when the server is actually under a DDOS attack.
How we fix ModSecurity PCRE limits exceeded?
Having a decade of experience in managing servers, our Dedicated Engineers are familiar with the ModSecurity errors. The primary objective is to find whether the server is actually under attack or not.
Now, let’s discuss how our Support Engineers fix this error.
Recently, one of our customers received the below error message
mod_security - PCRE limits exceeded (-8): (null)
As a first step, we examined the server log files to ensure that the server was not under attack. This happened due to the complex regular expression on the websites. Thus, we had to raise the PCRE limits to fix the error.
So, our Support Engineers added the below codes in httpd.conf file.
SecPcreMatchLimit 150000
SecPcreMatchLimitRecursion 150000Then, we added the below codes in php.ini file.
pcre.backtrack_limit = 10000000
pcre.recursion_limit = 10000000After that, we restarted the Apache using the command:
service httpd restartFinally, this fixed the error.
[Need any assistance with Modsecurity errors? – We’ll help you]
Conclusion
In short, the error ModSecurity PCRE limits exceeded occurs due to the low value set for PCRE limits. Today, we saw how our Support Engineers fix this error.
PREVENT YOUR SERVER FROM CRASHING!
Never again lose customers to poor server speed! Let us help you.
Our server experts will monitor & maintain your server 24/7 so that it remains lightning fast and secure.
GET STARTED
var google_conversion_label = «owonCMyG5nEQ0aD71QM»;
I have problem when implementing modsecurity and crs. Here is the issue, I hope anyone can give us some guide for resolving this issue.
Apache version :
Server version: Apache/2.4.29 (Ubuntu) Server built:
2022-06-23T12:51:37
ModSecurity version :
modsecurity-2.9.6 (compiled from source)
Error :
[id "-"][file "/etc/apache2/modsecurity.d/owasp-crs/rules/RESPONSE-951-DATA-LEAKAGES-SQL.conf"][line "92"] - Execution error - PCRE limits exceeded (-8): (null).
[id "-"][file "/etc/apache2/modsecurity.d/owasp-crs/rules/RESPONSE-951-DATA-LEAKAGES-SQL.conf"][line "249"] - Execution error - PCRE limits exceeded (-8): (null).
[id "-"][file "/etc/apache2/modsecurity.d/owasp-crs/rules/RESPONSE-951-DATA-LEAKAGES-SQL.conf"][line "276"] - Execution error - PCRE limits exceeded (-8): (null).
[id "-"][file "/etc/apache2/modsecurity.d/owasp-crs/rules/RESPONSE-951-DATA-LEAKAGES-SQL.conf"][line "329"] - Execution error - PCRE limits exceeded (-8): (null).
[id "-"][file "/etc/apache2/modsecurity.d/owasp-crs/rules/RESPONSE-951-DATA-LEAKAGES-SQL.conf"][line "355"] - Execution error - PCRE limits exceeded (-8): (null).
[id "-"][file "/etc/apache2/modsecurity.d/owasp-crs/rules/RESPONSE-951-DATA-LEAKAGES-SQL.conf"][line "381"] - Execution error - PCRE limits exceeded (-8): (null).
[id "-"][file "/etc/apache2/modsecurity.d/owasp-crs/rules/RESPONSE-951-DATA-LEAKAGES-SQL.conf"][line "407"] - Execution error - PCRE limits exceeded (-8): (null).
[id "-"][file "/etc/apache2/modsecurity.d/owasp-crs/rules/RESPONSE-951-DATA-LEAKAGES-SQL.conf"][line "433"] - Execution error - PCRE limits exceeded (-8): (null).
[id "-"][file "/etc/apache2/modsecurity.d/owasp-crs/rules/RESPONSE-951-DATA-LEAKAGES-SQL.conf"][line "459"]
Thing What I have done :
Set this value (tested before or after load crs.conf):
SecPcreMatchLimit 5000000
SecPcreMatchLimitRecursion 5000000
Add in php.ini
pcre.backtrack_limit=1000000
pcre.recursion_limit=1000000
restart php-fpm and apache2
And no luck!, the issue still persist.
Any ideas how to fix this.
Thank you.
-
#1
Hi
We re-complile with easyapache 5092 today, but our mod_Security still shows
Rule execution error — PCRE limits exceeded (-8): (null).
PCRE test shows
pcretest -C
PCRE version 6.6 06-Feb-2006
Compiled with
UTF-8 support
No Unicode properties support
Newline character is LF
Internal link size = 2
POSIX malloc threshold = 10
Default match limit = 10000000
Default recursion depth limit = 10000000
Match recursion uses stack
How to fix this PCRE problem please?
solution here is not working
http://forums.cpanel.net/f185/modsecurity-auto-updater-147745.html
-
#2
Hi
We re-complile with easyapache 5092 today, but our mod_Security still shows
Rule execution error — PCRE limits exceeded (-8): (null).
PCRE test shows
pcretest -C
PCRE version 6.6 06-Feb-2006
Compiled with
UTF-8 support
No Unicode properties support
Newline character is LF
Internal link size = 2
POSIX malloc threshold = 10
Default match limit = 10000000
Default recursion depth limit = 10000000
Match recursion uses stackHow to fix this PCRE problem please?
solution here is not working
http://forums.cpanel.net/f185/modsecurity-auto-updater-147745.html
Run /scripts/checkperlmodules as root a few times, or until you see there is no errors in you server, that helped me to fix the PCRE error.
It will be easier to run the check perl before the installation of the new 2.5.12.
Regards,
Sergio
Last edited: May 14, 2010
-
#3
Run /scripts/checkperlmodules as root a few times, or until you see there is no errors in you server, that helped me to fix the PCRE error.
If will be easier to run the check perl before the installation of the new 2.5.12.
Regards,
Sergio
I have the same issue, I have tried your solution on other thread but still the same.
#/scripts/checkperlmodules —force —full
Tested 141, 141 ok, 0 failed.
But still same issue.
-
#4
I have the same issue, I have tried your solution on other thread but still the same.
#/scripts/checkperlmodules —force —full
Tested 141, 141 ok, 0 failed.
But still same issue.
Have you checked your php.ini and modsec2.user.conf files?
-
#5
Have you checked your php.ini and modsec2.user.conf files?
Yes I have added in PHP.INI
pcre.backtrack_limit = 10000000
pcre.recursion_limit = 10000000
and added in modsec2.user.conf
SecPcreMatchLimit 150000
SecPcreMatchLimitRecursion 150000
But still the error below,
Rule execution error — PCRE limits exceeded (-8): (null)
-
#6
Yes I have added in PHP.INI
pcre.backtrack_limit = 10000000
pcre.recursion_limit = 10000000and added in modsec2.user.conf
SecPcreMatchLimit 150000
SecPcreMatchLimitRecursion 150000But still the error below,
Rule execution error — PCRE limits exceeded (-8): (null)
How many times did you run /scripts/checkperlmodules command? I recommend to run it a few times, I ran them 4 or 5 times in my servers. If you are using a VPS, maybe you will need to contact your vendor.
Sergio
-
#7
Friendly Moderator Note
To ensure organized discussion and prevent possible confusion I have forked the mod_security PCRE topic into a new thread, separating it from the original feature request that applied only to a general update for mod_security.
For reference, here is the original Feature Request thread: Mod Security 2.5.x Update — cPanel Forums
-
#8
Hi
We re-complile with easyapache 5092 today, but our mod_Security still shows
Rule execution error — PCRE limits exceeded (-8): (null).
PCRE test shows
pcretest -C
PCRE version 6.6 06-Feb-2006
Compiled with
UTF-8 support
No Unicode properties support
Newline character is LF
Internal link size = 2
POSIX malloc threshold = 10
Default match limit = 10000000
Default recursion depth limit = 10000000
Match recursion uses stackHow to fix this PCRE problem please?
solution here is not working
http://forums.cpanel.net/f185/modsecurity-auto-updater-147745.html
To confirm, are you using a custom or third-party ruleset for mod_security? Try disabling any custom rulesets and then, one-at-a-time, enable only those rules that you require. By testing rules one-at-a-time or in smaller subsets this will help to identify if the problem may be caused by an erroneous or incompatible rule for the latest mod_security release.
Please ensure that all rules or rulesets used are compatible with the version of mod_security being used, e.g., v1.9.5 for Apache 1.3 or v2.5.12 for Apache 2.x.
The quoted version of PCRE is not that of the version compiled by EasyApache; instead, it appears to be the same version that is included in the latest release of CentOS 5.5, as seen below:
Code:
# cat /etc/redhat-release
CentOS release 5.5 (Final)
# rpm -qf --qf "%{name}-%{version}-%{release}.%{arch}.rpmn" /usr/bin/pcretest
pcre-6.6-2.el5_1.7.x86_64.rpm
# /usr/bin/pcretest -C
PCRE version 6.6 06-Feb-2006
Compiled with
UTF-8 support
No Unicode properties support
Newline character is LF
Internal link size = 2
POSIX malloc threshold = 10
Default match limit = 10000000
Default recursion depth limit = 10000000
Match recursion uses stackThe following command may be used to accurately determine the version of PCRE in the «/opt» directory path that is installed by EasyApache:
Code:
# /opt/pcre/bin/pcretest -CExample:
Code:
# /opt/pcre/bin/pcretest -C
PCRE version 8.02 2010-03-19
Compiled with
UTF-8 support
Unicode properties support
Newline sequence is LF
R matches all Unicode newlines
Internal link size = 2
POSIX malloc threshold = 10
Default match limit = 10000000
Default recursion depth limit = 10000000
Match recursion uses stack-
#9
I’m having this problem as well. My server is running:
Code:
# rpm -qf --qf "%{name}-%{version}-%{release}.%{arch}.rpmn"
pcre-6.6-2.el5_1.7.x86_64.rpmCode:
# /usr/bin/pcretest -C
PCRE version 6.6 06-Feb-2006
Compiled with
UTF-8 support
No Unicode properties support
Newline character is LF
Internal link size = 2
POSIX malloc threshold = 10
Default match limit = 10000000
Default recursion depth limit = 10000000
Match recursion uses stackShould i remove the copy installed with CentOS 5.5?
I’ve run /scripts/checkperlmodules four or five time (errors only on the first pass).
-
#10
I’m having this problem as well. My server is running:
Code:
# rpm -qf --qf "%{name}-%{version}-%{release}.%{arch}.rpmn" pcre-6.6-2.el5_1.7.x86_64.rpmCode:
# /usr/bin/pcretest -C PCRE version 6.6 06-Feb-2006 Compiled with UTF-8 support No Unicode properties support Newline character is LF Internal link size = 2 POSIX malloc threshold = 10 Default match limit = 10000000 Default recursion depth limit = 10000000 Match recursion uses stackShould i remove the copy installed with CentOS 5.5?
I’ve run /scripts/checkperlmodules four or five time (errors only on the first pass).
I would not remove the RPM installation of PCRE that came with CentOS.
To better determine how to proceed it will help to know additional information. Please provide the output from the following commands:
Code:
# grep -H '' /usr/local/cpanel/version /var/cpanel/envtype
# /usr/local/apache/bin/httpd -v
# /opt/pcre/bin/pcretest -C-
#11
I would not remove the RPM installation of PCRE that came with CentOS.
To better determine how to proceed it will help to know additional information. Please provide the output from the following commands:
Thanks for looking at this Don, here’s the output requested:
Code:
# grep -H '' /usr/local/cpanel/version /var/cpanel/envtype
/usr/local/cpanel/version:11.26.9-RELEASE_48422
/var/cpanel/envtype:standardCode:
# /usr/local/apache/bin/httpd -v
Server version: Apache/2.2.16 (Unix)
Server built: Sep 11 2010 21:21:23
Cpanel::Easy::Apache v3.2.0 rev5186Code:
# /opt/pcre/bin/pcretest -C
PCRE version 8.02 2010-03-19
Compiled with
UTF-8 support
Unicode properties support
Newline sequence is LF
R matches all Unicode newlines
Internal link size = 2
POSIX malloc threshold = 10
Default match limit = 10000000
Default recursion depth limit = 10000000
Match recursion uses stack
-
#12
Thanks for looking at this Don, here’s the output requested:
Code:
# grep -H '' /usr/local/cpanel/version /var/cpanel/envtype /usr/local/cpanel/version:11.26.9-RELEASE_48422 /var/cpanel/envtype:standardCode:
# /usr/local/apache/bin/httpd -v Server version: Apache/2.2.16 (Unix) Server built: Sep 11 2010 21:21:23 Cpanel::Easy::Apache v3.2.0 rev5186Code:
# /opt/pcre/bin/pcretest -C PCRE version 8.02 2010-03-19 Compiled with UTF-8 support Unicode properties support Newline sequence is LF R matches all Unicode newlines Internal link size = 2 POSIX malloc threshold = 10 Default match limit = 10000000 Default recursion depth limit = 10000000 Match recursion uses stack
Thank you for the information. Are you using only the stock-default rules supplied by cPanel, or are you using any custom or third-party rules added into the mod_security configuration?
-
#13
Thank you for the information. Are you using only the stock-default rules supplied by cPanel, or are you using any custom or third-party rules added into the mod_security configuration?
Sorry for the delay… Got sidetracked on other things.
I was using gotroot rules, but after reading your question i figured your next action would be to suggest removing 3rd party rules. So i’ve done that, i’m running clean now and still generating «Rule execution error — PCRE limits exceeded (-8): (null).» in my log file.
What steps do you recommend i do now?
-
#14
Hello MajorWoody,
Could you submit a ticket now for this matter? At this point, it might be the quickest way for resolution. You can either use the link in my signature or WHM > Support Center > Contact cPanel area.
Thanks!
-
#15
I have many many servers that using CPanel have the same issue.
It looks like this: Rule execution error — PCRE limits exceeded (-8): (null). 302
I dont know why?
What should i do, CPanel?
Please give resolutions here to everyone. CPanel babe come on………….
-
#16
I have many many servers that using CPanel have the same issue.
It looks like this: Rule execution error — PCRE limits exceeded (-8): (null). 302
I dont know why?
What should i do, CPanel?
Please give resolutions here to everyone. CPanel babe come on………….
Please try what was suggested earlier in this thread: mod_security Rule execution error — PCRE limits exceeded (-8): (null).
-
#17
I can confirm that this is what i was told to do via a support ticket and my PCRE errors went away.
-
#18
I have many many servers that using CPanel have the same issue.
It looks like this: Rule execution error — PCRE limits exceeded (-8): (null). 302
I dont know why?
What should i do, CPanel?
Please give resolutions here to everyone. CPanel babe come on………….
Finally i got resolutions.
Just add these lines into the file .conf that contains rules of mod_security.
SecPcreMatchLimit 150000
SecPcreMatchLimitRecursion 150000
It helps me resolve this issueeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee.
-
#19
Hi,
Create pcre_modsecurity_exceeded_limits.conf under /usr/local/apache/conf
Then vi pcre_modsecurity_exceeded_limits.conf
add :
SecPcreMatchLimit 150000
SecPcreMatchLimitRecursion 150000
Save and quit the file.
chmod 600 pcre_modsecurity_exceeded_limits.conf
Now open the file /usr/local/apachec/conf/modsec2.user.conf
Search line line “<IfModule mod_security2.c>“
Add : Include “/usr/local/apache/conf/pcre_modsecurity_exceeded_limits.conf”
wq!
restart your apache and mysql service.
Issue fixed:
-
#20
Hi,
Create pcre_modsecurity_exceeded_limits.conf under /usr/local/apache/conf
Then vi pcre_modsecurity_exceeded_limits.conf
add :
SecPcreMatchLimit 150000
SecPcreMatchLimitRecursion 150000Save and quit the file.
chmod 600 pcre_modsecurity_exceeded_limits.conf
Now open the file /usr/local/apachec/conf/modsec2.user.conf
Search line line “<IfModule mod_security2.c>“
Add : Include “/usr/local/apache/conf/pcre_modsecurity_exceeded_limits.conf”
wq!
restart your apache and mysql service.
Issue fixed:
Is it necessary to create an external input as you can write directly on your MODSEC2.USER.CONF the same command lines and the effect will the same?