Issue
After the Imunify360 WAF rules update to version 8.11, Apache/httpd processes may consume excessive CPU, causing high server load and possible service degradation or outage.
The issue was reported after the latest ModSecurity rules update. In the observed cases, CPU usage returned to normal after temporarily disabling Imunify360 ModSecurity rules or disabling the affected rule.
One reported rule involved in the high CPU usage:
/etc/apache2/modsecurity.d/rules/custom/013_i360_generic.conf
Rule: 77701396WARNING
im360.nats_gateway: Failed to send messages via NATS: 0 published, 294 re-queued: NATS reconnect backoff (3.9s remaining)
ERROR
ModsecSensor Error while tailing file: line exceeds MaxLineSize Environment
- Imunify360
- WAF
- ModSecurity ruleset
8.11 - Apache/httpd
Solution
The fix has been included in ruleset v8.12, currently in stable.
Useful links
- https://docs.imunify360.com/features/#manual-modsec-rules-update-management
- Internal task:
WPT-2542
Comments
0 comments
Please sign in to leave a comment.