store | blogs | forums | twitter | facebook | wiki | downloads | support portal
Atomic Secure Linux
It is currently Thu Nov 27, 2014 11:52 am

» Feed - Atomicorp

All times are UTC - 5 hours [ DST ]




Post new topic Reply to topic  [ 6 posts ] 
Author Message
 Post subject: Performance of Apache 2 after ASL?
Unread postPosted: Sun Mar 13, 2011 2:51 am 
Offline
New Forum User
New Forum User

Joined: Sun Mar 13, 2011 2:48 am
Posts: 4
Location: Seoul
Hi. I am interested in these rules to be automatic so that both my Apache (web server) and Exim (email server, through ClamAV) are automatically protected without my worrying about tinkering with rules etc.

My biggest question: How do this affect the performance of both the web server and email server? I have heard having too many mod_sec rules will mean a performance hit. I get HUGE traffic so want to be very careful.

Would love to hear experience of actual users.

Thanks@


Top
 Profile  
 
 Post subject: Re: Performance of Apache 2 after ASL?
Unread postPosted: Sun Mar 13, 2011 10:47 am 
Offline
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin

Joined: Wed Dec 31, 1969 8:00 pm
Posts: 7959
Location: earth
The way mod_security is built and configured makes a big big difference there. Presumably you're on cpanel? If so they have a very poor default build & configuration for performance. This was one of the first things we had to resolve in the new ASL Cpanel beta.


Top
 Profile  
 
 Post subject: Re: Performance of Apache 2 after ASL?
Unread postPosted: Sun Mar 13, 2011 11:48 am 
Offline
New Forum User
New Forum User

Joined: Sun Mar 13, 2011 2:48 am
Posts: 4
Location: Seoul
I run Cpanel, but mod_sec config is entirely mine. You're speaking of "modsec2.user.conf" right? Or some other build?

My understanding is that Cpanel just installs mod_security, but I can configure it as I want...is this incorrect?

Anyway, thanks for this info. I'm interested in what the solution is. Can I install "ASL Cpanel" in a way that I can still control rules as I see fit?


Top
 Profile  
 
 Post subject: Re: Performance of Apache 2 after ASL?
Unread postPosted: Sun Mar 13, 2011 2:51 pm 
Offline
Long Time Forum Regular
Long Time Forum Regular

Joined: Sat Aug 20, 2005 9:30 am
Posts: 2812
Location: The Netherlands
pkiula wrote:
My biggest question: How do this affect the performance of both the web server and email server?


Mod_security is an Apache module, so it won't affect your e-mail server.

pkiula wrote:
I have heard having too many mod_sec rules will mean a performance hit. I get HUGE traffic so want to be very careful.


As long as a server is not short on RAM we haven't seen any obvious performance problems, but I don't know what you call HUGE traffic, so I guess you just need to go and do some load testing. Or maybe start with just a small number of rule sets and enable more from time to time to and see how it goes.

_________________
Lemonbit Internet Dedicated Server Management


Top
 Profile  
 
 Post subject: Re: Performance of Apache 2 after ASL?
Unread postPosted: Mon Mar 14, 2011 9:00 am 
Offline
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin

Joined: Wed Dec 31, 1969 8:00 pm
Posts: 7959
Location: earth
It can also be effected by the versions of libraries (pcre, apr, lua, etc) it is linked against, and also the way those libraries themselves are built. Ive found that the base Redhat design for those version & libraries offered the best balance for performance & usability so we duplicated that where we could in the ASL Cpanel installer.


Top
 Profile  
 
 Post subject: Re: Performance of Apache 2 after ASL?
Unread postPosted: Mon Mar 14, 2011 3:35 pm 
Offline
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin
User avatar

Joined: Thu Feb 07, 2008 7:49 pm
Posts: 3673
Location: Chantilly, VA
In short, no the rules won't make any difference, your performance will be effected by how apache is built and configured, not by the rules.

_________________
Michael Shinn
Atomicorp - Security For Everyone

Co-Author of Troubleshooting Linux Firewalls.


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 6 posts ] 

» Feed - Atomicorp

All times are UTC - 5 hours [ DST ]


Who is online

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group