diff --git a/apache2/msc_logging.c b/apache2/msc_logging.c
index 66d204f7..d2ea6c5a 100644
--- a/apache2/msc_logging.c
+++ b/apache2/msc_logging.c
@@ -52,13 +52,18 @@ static int sec_auditlog_write(modsec_rec *msr, const char *data, unsigned int le
         msr_log(msr, 1, "Audit log: Failed writing (requested %" APR_SIZE_T_FMT
             " bytes, written %" APR_SIZE_T_FMT ")", nbytes, nbytes_written);
 
+        /* Concurrent log format: Don't leak file handle. */
+        if (msr->txcfg->auditlog_type == AUDITLOG_CONCURRENT) {
+            apr_file_close(msr->new_auditlog_fd);
+        }
+
         /* Set to NULL to prevent more than one error message on
          * out-of-disk-space events and to prevent further attempts
          * to write to the same file in this request.
          *
-         * Note that, as we opened the file through the pool mechanism of
-         * the APR, we do not need to close the file here. It will be closed
-         * automatically at the end of the request.
+         * Serial log format: Note that, as we opened the file through the
+         * pool mechanism of the APR, we do not need to close the file
+         * here. It will be closed automatically at the end of the request.
          */
         msr->new_auditlog_fd = NULL;
 
@@ -1181,7 +1186,10 @@ void sec_audit_logger(modsec_rec *msr) {
 
     /* From here on only concurrent-style processing. */
 
-    apr_file_close(msr->new_auditlog_fd);
+    /* File handle might already be closed after write failure. */
+    if (msr->new_auditlog_fd) {
+        apr_file_close(msr->new_auditlog_fd);
+    }
 
     /* Write an entry to the index file */