On the site where Apache+ModSecurity is in operation, it is blocked in the event of an attack and is running Apache Graceful.
However, Apache Graceful fails irregularly, leaving Apache down and unable to operate the service.
There was a rare report that Graceful would fail if there were too many attacks, but this is the same as not being able to defend the attack, and there is no child.
The following error logs are thrown out when Graceful fails:
Error Contents
[core:notice][pid9084] AH00060:seg fault or similar nasty error detected in the parent process
Is there anyone who has taken measures in the same situation?
Alternatively, I would appreciate it if you could advise me on Apache+ModSecurity.
Server Environment
CentOS 7.8.2003 (Core)
Apache 2.4.6
ModSecurity 2.9.2-1
The above servers are set up to take advantage of Cybersecurity Cloud's Attack Blocker (server security type).
When I checked with the manufacturer, they answered that it rarely falls.
I'm in trouble because I don't have any useful information even if I look up various websites.
Thank you for your cooperation.
It may not be a complete answer, but I will try to answer as far as I know.
If you search by error message, for example, the following article will be a hit:
apache terminated abnormally in the middle of the night
The cause is probably Apache's bug.
Depending on the version, if you reboot repeatedly with reload(graceful), the reboot will drop like this several times.
In the above article, it seems that there was a problem while restarting Apache repeatedly at the logrotate timing, but in your environment, it is possible that you are experiencing a similar problem with Attack Detection.
Your CentOS is a slightly older version of 7.8.2003, so updating Apache may solve this problem quickly.
For your information, for CentOS 7.9.2009,
(probably the latest version at this time)
The httpd-2.4.6-95.el7.centos.x86_64.rpm package appears to be released.
© 2024 OneMinuteCode. All rights reserved.