Welcome! Log In Create A New Profile

Advanced

execution error - pcre limits exceeded (-8)

Posted by Dino Edwards 
Dino Edwards
execution error - pcre limits exceeded (-8)
April 20, 2017 08:50PM
Hello,

I have compiled nginx 1.12.0 with modsecurity on a Ubuntu 16.04 server and I'm running it as a reverse proxy in front of an Apache webserver which hosts a variety of different type of websites. After enabling modsecurity I'm starting to get a lot of the following errors in the error.log file:

execution error - pcre limits exceeded (-8)

At that point, web pages don't load correctly. Can someone help with this? I haven't found anything useful on google except some references of adjusting my php.ini file which doesn't seem to be relevant in my case.

Thanks

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Andrei Belov
Re: execution error - pcre limits exceeded (-8)
April 21, 2017 10:50AM
Hi Dino,

> On 20 Apr 2017, at 21:42, Dino Edwards <[email protected]> wrote:
>
> Hello,
>
> I have compiled nginx 1.12.0 with modsecurity on a Ubuntu 16.04 server and I’m running it as a reverse proxy in front of an Apache webserver which hosts a variety of different type of websites. After enabling modsecurity I’m starting to get a lot of the following errors in the error.log file:
>
> execution error - pcre limits exceeded (-8)
>
> At that point, web pages don’t load correctly. Can someone help with this? I haven’t found anything useful on google except some references of adjusting my php.ini file which doesn’t seem to be relevant in my case.
>
> Thanks

Which version of modsecurity are you using with nginx?

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Dino Edwards
RE: execution error - pcre limits exceeded (-8)
April 21, 2017 11:40AM
Hi Andrei,

Which version of modsecurity are you using with nginx?

I’m using 2.9.1
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Andrei Belov
Re: execution error - pcre limits exceeded (-8)
April 21, 2017 12:10PM
> On 21 Apr 2017, at 12:29, Dino Edwards <[email protected]> wrote:
>
> Hi Andrei,
>
> Which version of modsecurity are you using with nginx?
>
> I’m using 2.9.1

It's worth to try libmodsecurity (aka ModSecurity 3.x) + nginx connector instead:

https://github.com/SpiderLabs/ModSecurity/tree/v3/master
https://github.com/SpiderLabs/ModSecurity-nginx

Please note that libmodsecurity does not support all of ModSecurity 2.x features:
https://github.com/SpiderLabs/ModSecurity/wiki/ModSecurity-version-3-%28earlier-release-candidate-1%29

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Dino Edwards
RE: execution error - pcre limits exceeded (-8)
April 21, 2017 02:30PM
>It's worth to try libmodsecurity (aka ModSecurity 3.x) + nginx connector instead:

>https://github.com/SpiderLabs/ModSecurity/tree/v3/master
>https://github.com/SpiderLabs/ModSecurity-nginx

>Please note that libmodsecurity does not support all of ModSecurity 2.x features:
>https://github.com/SpiderLabs/ModSecurity/wiki/ModSecurity-version-3-%28earlier-release-candidate-1%29

So, from what I understand, libmodsecurity is targeted for Nginx and it does not rely on apache2 elements anymore. Is this going to be stable enough for production or would I be better off with NAXSI?



_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Dino Edwards
RE: execution error - pcre limits exceeded (-8)
April 22, 2017 02:20PM
> It's worth to try libmodsecurity (aka ModSecurity 3.x) + nginx connector instead:

> https://github.com/SpiderLabs/ModSecurity/tree/v3/master
> https://github.com/SpiderLabs/ModSecurity-nginx

I'm trying to download/compile libmodsecurity and everything I read concerning Ubuntu, it instructs me to use build.sh (./build.sh), however when I clone https://github.com/SpiderLabs/ModSecurity/tree/v3/master build.sh file is not there. I'm not that familiar with git so I'm sure I'm doing something wrong.





_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Anoop Alias
Re: execution error - pcre limits exceeded (-8)
April 22, 2017 02:20PM
From the docs:

yum install gcc-c++ flex bison yajl yajl-devel curl-devel curl GeoIP-devel
doxygen zlib-devel pcre-devel
git clone https://github.com/SpiderLabs/ModSecurity
cd ModSecurity
git checkout -b v3/master origin/v3/master
sh build.sh
git submodule init
git submodule update

On Sat, Apr 22, 2017 at 5:43 PM, Dino Edwards <[email protected]
> wrote:

>
> > It's worth to try libmodsecurity (aka ModSecurity 3.x) + nginx connector
> instead:
>
> > https://github.com/SpiderLabs/ModSecurity/tree/v3/master
> > https://github.com/SpiderLabs/ModSecurity-nginx
>
> I'm trying to download/compile libmodsecurity and everything I read
> concerning Ubuntu, it instructs me to use build.sh (./build.sh), however
> when I clone https://github.com/SpiderLabs/ModSecurity/tree/v3/master
> build.sh file is not there. I'm not that familiar with git so I'm sure I'm
> doing something wrong.
>
>
>
>
>
> _______________________________________________
> nginx mailing list
> nginx@nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>



--
*Anoop P Alias*
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Sorry, only registered users may post in this forum.

Click here to login