ApacheNetworking & SecurityWeb Server
Modsecurity rule execution error - PCRE limits exceeded
If you are getting following mod_security error in the Apache error logs
[Mon Jun 11 16:54:50 2011] [error] [client 171.235.170.226] ModSecurity: Rule 8269d10 [id "-"][file "/usr/local/apache/conf/modsec2.user.conf"][line "763"] - Execution error - PCRE limits exceeded (-8): (null). [hostname "www.example.com"] [uri "/wp-content/themes/daily/timthumb.php"] [unique_id "T9YUytXlXKcADxXq-WUAAAAg"]
then to get rid of the error you will have to make some server side changes as the above rule can not be excluded for single domain on the server.
1) Login to the server as a root user from shell.
2) Go to Apache configuration directory
cd /usr/local/apache/conf
3) Create a new file
touch pcre_modsecurity_exceeded_limits.conf
4) Add the following contents by editing the above file using any editor like vi
SecPcreMatchLimit 150000 SecPcreMatchLimitRecursion 150000
5) Change the permission of the file to 600
chmod 600 /usr/local/apache/conf/pcre_modsecurity_exceeded_limits.conf
6) Open the mod_security file containing rules
vi /usr/local/apache/conf/modsec2.user.conf
7) Locate the line
<IfModule mod_security2.c>
8 ) Add the below line above the line located at step 7 and save the file.
Include "/usr/local/apache/conf/pcre_modsecurity_exceeded_limits.conf"
9) Make a configuration test before restarting Apache service
/etc/init.d/httpd configtest
10) If there is no syntax then restart Apache service
If any feedback, queries are always welcome!