WebApp Sec mailing list archives
Re: Apache module: mod_security
From: Ivan Ristic <ivanr () webkreator com>
Date: Tue, 10 Dec 2002 15:43:32 +0000
Dave Aitel wrote:
That's really cool! I think one of the salient features of it you didn't highlight was that it can filter on the BODY arguments! With a GUI for tuning, this would provide nearly all the features of an "application" firewall!
Erm, yes, I forgot that. :) I actually wrote it in order to have that functionality. And, then, one thing led to another... Unfortunately, filtering POST payloads requires a patch against the Apache core. The patch itself can be made a bit faster (not to say that it isn't fast now :) but then it would break binary compatibility... and that's another story altogether. I will talk to someone @ Apache about that. I hope that patching won't be necessary with Apache 2 since v2 has filtering capabilities built-in. I will lay a detailed plan for future development over the forthcoming holidays and then hopefully, in the next year, get more developers to work on it. Even now, my list of planned features is quite long. -- Ivan Ristic, http://www.webkreator.com/
Current thread:
- Apache module: mod_security Ivan Ristic (Dec 10)
- Re: Apache module: mod_security Dave Aitel (Dec 10)
- Re: Apache module: mod_security Bill Burge (Dec 10)
- Re: Apache module: mod_security Ivan Ristic (Dec 10)
- Re: Apache module: mod_security Ivan Ristic (Dec 10)
- Re: Apache module: mod_security Bill Burge (Dec 10)
- Re: Apache module: mod_security Klaus Doerrscheidt (Dec 10)
- Re: Apache module: mod_security Gabe Lawrence (Dec 10)
- <Possible follow-ups>
- Re: Apache module: mod_security zeno (Dec 10)
- Re: Apache module: mod_security Dave Aitel (Dec 10)