nginx/1.9.9 with modsecurity/2.9.0 crashes with segfault and worker process exited on signal 11

Lukas l at ymx.ch
Sun Jan 10 14:03:46 UTC 2016


> Rainer Duffner <rainer at ultra-secure.de> [2016-01-10 14:46]:
>
>
> > Am 10.01.2016 um 14:39 schrieb Lukas <l at ymx.ch>:
> >
> > Unfortunately, ever when modsecurity is enabled, nginx reports a
> > sefault in sysmessages.
> >
> > Searching the web did not reveal any solution, i.e. I switched off
> > SecAudit* and even started modsecurity without rules -- it continued
> > crashing.
> >
>
>
> By chance, I tried to get this to work just yesterday and also got only SIGSEGV from it.
> (nginx 1.8, FreeBSD 10.1-amd64, ap22-mod_security-2.9.0, all from my own repository)
>
>
> I found this:
>
> https://github.com/SpiderLabs/ModSecurity/issues/839
>
> So, you need to set
>
> proxy_force_ranges on;
>
> in the location you want to protect with mod_security.
>
> It didn???t segfault any more after this - but I haven???t had time to check how well it actually works.
>

Thanks for your hint, Rainer.  Now it has not crahed anymore.....

wbr
Lukas



More information about the nginx mailing list