mod security - potential bug w/ default action under Request Filter

Discussion in 'Bug Reports' started by c0ldshadow, Jan 2, 2014.

  1. c0ldshadow

    c0ldshadow New Member

    using latest version of litespeed I tried changing default action for modsecurity blocking FROM:

    log,deny,msg:'globalblock'


    TO

    log,drop,msg:'globalblock' (this is what it was originally)


    this caused the webserver to crash as soon as i triggered a block rule (so all websites stopped working) tested this 3 times

    only fix was rebooting the server

    the crashes only occured after modsec rules triggered, not as soon as the change was made
  2. mistwang

    mistwang LiteSpeed Staff

    I could not make it crash by changing "deny" to "drop".
    Do you get core file under /tmp/lshttpd/bak_core/ ?
    Please install gdb to check the core file with gdb.
    If you set admin's email, you will get email bug report for the crash.

Share This Page