On Tue, Sep 29, 2009 at 5:04 PM, Brian Rectanus <Brian.Rectanus@breach.com> wrote:
I've read several posts about how to compile mod_security with a static
build of apache but none of them worked, the latest was
http://thread.gmane.org/gmane.comp.apache.mod-security.user/1840/focus=1841

Could you give your reasoning for building it static?  I have never seen a need for it.  If there really is one, then maybe I can do something to aide in this?

From a security standpoint it makes sense to only include the code that you're going to need. I know exactly which modules I need so I build my custom apache with only those modules and include them statically. The whole dynamic loading of modules is just another piece of code I can live without.

I'm sure you'll agree this makes sense. Also, I sleep a little better knowing that rogue modules cannot be loaded into the web server. :)

Best regards,
André Cruz