Good morning! I have a problem with a site joomla to download big files (100MB). The file start to download but when it has a 30MB finalize the download (This happen in machines with Windows ) The errors of the log are this: [Wed Feb 26 09:21:38 2014] [error] [client xx.xx.xx.xx] ModSecurity: Warning. Operator LT matched 5 at TX:inbound_anomaly_score. [file "/etc/modsecurity/crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "33"] [id "981203"] [msg "Inbound Anomaly Score (Total Inbound Score: 3, SQLi=, XSS=): Request from Known SPAM Source (Previous RBL Match)"] [hostname "xxxxxx.com"] [uri "/phocadownload/Instalador-DataOkey.zip"] [unique_id "Uw4FUMCoAqAAADpjXzAAAAAK"] [Wed Feb 26 16:55:53 2014] [error] [client xx.xx.xx.xx] ModSecurity: Rule 7f2edf34d280 [id "950901"][file "/etc/modsecurity/crs/activated_rules/modsecurity_crs_41_sql_injection_attacks.conf"][line "77"] - Execution error - PCRE limits exceeded (-8): (null). [hostname "www.xxxxxx.com"] [uri "/phocadownload/Instalador-DataOkey.zip"] [unique_id "Uw5w@MCoAqAAAGEmJykAAAAD"] [Wed Feb 26 17:07:23 2014] [error] [client xx.xx.xx.xx] ModSecurity: Warning. Operator LT matched 5 at TX:inbound_anomaly_score. [file "/etc/modsecurity/crs/activated_rules/modsecurity_crs_60_correlation.conf"] [line "33"] [id "981203"] [msg "Inbound Anomaly Score (Total Inbound Score: 3, SQLi=, XSS=): RBL Match for SPAM Source"] [hostname "www.xxxxxx.com"] [uri "/phocadownload/Instalador-DataOkey.zip"] [unique_id "Uw5w@MCoAqAAAGEmJykAAAAD"] With this error the first that I did was disable the mod_security module, then error change. [Wed Feb 26 17:35:15 2014] [warn] [client xx.xx.xx.xx] (104)Connection reset by peer: mod_fcgid: error reading data from FastCGI server, referer: http://xxxxxxxx.com/descargas [Wed Feb 26 17:35:15 2014] [warn] [client xx.xx.xx.xx] (104)Connection reset by peer: mod_fcgid: ap_pass_brigade failed in handle_request_ipc function, referer: http://xxxxxxxx.com/descargas In the php options of the site I put this intrucctions for security because is a site based on Joomla. ------------------------------------------------------------ register_globals=Off safe_mode=Off allow_url_fopen=Off allow_url_include=Off disable_functions=show_source,system,shell_exec,passthru,exec,phpinfo,popen,proc_open -------------------------------------------------------------- In the Apache options I put this for another error: -------------------------------------------------------------- FcgidMaxRequestLen 2000000 -------------------------------------------------------------- I search the error in google and find that is possible correct the error with this instructions in the php options: pcre.backtrack_limit= 10000000 pcre.recursion_limit= 10000000 But I read that pcre.recursion_limit could be consume the process heap of php. Anyway the change is not fully worked because the failure to 70MB download. In google I find that is necesary change the FcgidMaxRequestsPerProcess but the instrucctions is for cPanel. Is it applicable to ispconfig? I think that answer is true but if some one could confirm it.
The errors you posted are all from mod_security, they are no fcgi problems. Try to tur off mod_security for that website to see if this fixed your problem by settinf: SecRuleEngine off in apache directives field.
Solved The problem was the time variable FcgidBusyTimeout, 5 min were not sufficient. I add in Apache Options the variable FcgidBusyTimeout and set to 1800.
