id	summary	reporter	owner	description	type	status	priority	milestone	component	version	resolution	keywords	cc	uname	nginx_version
690	nginx + mod_security segfaults	Igor D'Astolfo		"I just made a test with nginx 1.7.9 and mod_security for nginx, following this tutorial: http://www.nginxtips.com/how-to-install-mod_security-on-nginx/

I configured nginx as reverse proxy with mod_security enabled. After few requests nginx was segfaulting, always when serving images. I checked the coredump, this is the output:

Program terminated with signal SIGSEGV, Segmentation fault.
#0  ngx_http_upstream_copy_allow_ranges (r=0x2678680, h=0x7fff406e6f40, offset=<optimized out>) at src/http/ngx_http_upstream.c:4571
4571	    if (r->upstream->conf->force_ranges) {

so I tried to set proxy_force_ranges flag in configuration and the segfault went away.

Note that if I turn off modsecurity the proxy alone works fine.

  "	defect	closed	critical	1.7.9	nginx-core	1.7.x	invalid	proxy reverse mod_security		Linux ubuntu 3.13.0-32-generic #57-Ubuntu SMP Tue Jul 15 03:51:08 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux	"nginx version: nginx/1.7.9
built by gcc 4.8.2 (Ubuntu 4.8.2-19ubuntu1) 
configure arguments: --add-module=../modsecurity-2.8.0/nginx/modsecurity
"