Mod_security unbelivably slow

  • So, new issue now. mod_security is up and running, however, there is a consistent 10 second delay between receiving packets and passing them out to the backend server. Going back out there is zero delay.

    Timing is kind of suspect since its a very consistent 10 seconds. Any ides why?

    Also, I've tried to activate the debug log but I can't get it to log anything. Have found the syntax:

    SecFilterDebugLevel 9
    SecDebugLogLevel 9

    but neither works.

  • Can you check if dns configured on pfsense is working fine? Tried to enable/disable dns forwarder or something?

  • DNS forwarder is not in use (is disabled). pfSense is configured to use two back-end DNS servers, has always worked fine. The primary is listed first, the secondary second. The back-end web server CNAME was recently added to the Primary DNS since traffic needed to be routed via host header, not with a path. The slave immediately updated its zone.

    There was a power failure overnight Sunday morning, and when UPS ran out all servers were shut down until power was restored.

    Testing from a remote location right now, its serving up the robots.txt file as fast as 102ms. Probably restarting something resolved the issue, though since the whole farm was restarted its impossible to know what specifically did it. Hopefully it stays resolved!

Log in to reply