Hi,
After 1.210 release, everything is great but nobody-ip.pag still grows too big. Can you at least provide rule(s) id(s) so we can disable temporary?
Hi
We are working on this. Thank you for contacting us.
Hi
Do you have issue still now?
Hi,
From which update is it fixed so I can check on few servers?
Hi Can you please provide ip.pag file with limited content.
I will purge the file on few servers and wait 24h and then provide the biggest one.
Hi Dusanf
1.You can disable the following rules IDs, if it is not needed for you.
2.Otherwise you have to schedule ip.pag file reset/truncate.
225180
225181
225182
240330
240331
240332
240333
240334
240335
240336
241140
241141
241142
241143
Thank you for contacting Us. If you have any doubt please let me know.
The same happens here. In 2 of our servers the file nobody-ip.pag does not stop growing.
This generates a large CPU load.
Are you working on any solution?
Or do we need to delete the file every so often?
Thanks
Hi
Did you disable above mentioned signature?
No not yet. I will proceed to it.
Are you going to eliminate those rules in the future?
Thanks
Hi DiegoAD
1.You can disable the following rules IDs, if it is not needed for you.
2.Otherwise you have to schedule ip.pag file reset/truncate.
225180
225181
225182
240330
240331
240332
240333
240334
240335
240336
241140
241141
241142
241143
Thank you for contacting Us. If you have any doubt please let me know.
The file with problems es nobody-ip.pag.
How should I perform this second step that you indicate?
Thanks
- GitHub - SpiderLabs/modsec-sdbm-util: Utility to manipulate SDBM files used by ModSecurity. With that utility it is possible to _shrink_ SDBM databases. It is also possible to list the SDBM contents with filters such as: expired or invalid items only.
- Locate the file ip.pag in /tmp folder and clear the file content :tmp# > ip.pag and default.SESSION file also and restart the webserver.
Thank you very much for your answer.
One last query: what happens if I directly delete the file? I thought that I could create a cron so that the nobody-ip.pag file is deleted for example, when it exceeds 3 Gb, is this possible?
Thanks
Hi
Ya sure you can create Cron. But please follow the following steps
- Delete the file directly (ip.pag and default.SESDION*)
- Create the empty file but filename should be same.
- Restart the web server.
Thank you for contacting us. If you have any queries please let me know.
I have too nobody-ip.pag 4GB - server high load . After contact with cp support they told me to report this problem to you.
Hi
You have to clear the file contents. please follow the following instructions
- GitHub - SpiderLabs/modsec-sdbm-util: Utility to manipulate SDBM files used by ModSecurity. With that utility it is possible to _shrink_ SDBM databases. It is also possible to list the SDBM contents with filters such as: expired or invalid items only. or
- Locate the file nobody-ip.pag in /tmp folder and clear the file content :tmp# > nobody-ip.pag and default.SESSION file also and restart the web server or
3.you can create Cron. But please follow the following steps
3.1. Delete the file directly (nobody-ip.pag and default.SESDION*)
3.2. Create the empty file but filename should be same.
3.3. Restart the web server.
Thank you for contacting us. If you have any queries please let me know.
H
Im still getting high laods and the file is now clear
Hi
if you get high load in nobody-ip.pag or ip.pag file means you have got more attacks. For prevent your we application, this was happened. Please make Cron job for clear the file contents once exist 3 gb. This ll help clear the file automatically. So you won’t get high load.
No there all clear we run a command to clean them. but i thought comodo was working on a fix for this.