Beware the [N]'s of March. Apache mod_rewrite flags to watch out for.

home | blog | Teh Internet | guest blog |rants | placeholder | political | projects | Gwen and Liam | Citadel patched | Tools | Scouts


- Careful Chrome users, this search box might be "Not secure"



Ok, so it is only February, but I digress.
If you are using [N] in your re-write rule and using Apache before 2.4.8 you might be in
for an infinite loop, an Apache process that uses all available memory, (and the OOM
killer will reap your apache process) if you are not careful with your regex.

Here, Stefan Göbel says it best in his post:
http://subtype.de/apache/apache-mod-rewrite-n-flag-infinite-loop.html
As always, in case of the link I referenced goes away, here is a terrible summary by yours truly:
If you use the [N] - next tag in a mod_rewrite rule to perform a substitution, you might end up
chewing up all of your server memory with one Apache process if the substitution appends further
PATH_INFO that contains your subsitution.

Which of course will append your substitution, and then loop around and append your substitution...
You can see where that will take you.

Apache version 2.4.8 limits your iterations to 32,000, but versions before that don't.

So, make sure your regex post substitution (after appending PATH_INFO) does not append
your replacement substitution, or you will be holding that mirror up to your mirror, and tempting
the OOM killer.
The bug report mentioned in the blog post above explains it well: https://bz.apache.org/bugzilla/show_bug.cgi?id=44922
It looks like later versions of Apache allow the [N] flag let you to limit the loops
(i.e. N=10) and avoid the infinite loop issue.


A big thank you to anyone who might have fallen victim to this trap, and shared the findings with me :-)




[æ]