Re: [mod-security-users] Does mod_security 1.9.5 work with 64-bit unix?

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Hmm, you cut my reply off early, so not sure that you read it all, so
let me add some more detail to the discussion...

Ivan Ristic rewrote ModSecurity for 2.x to be more modular so that it
was less Apache centric/dependent.  This modularity was designed to
separate out the ModSecurity engine from the Web server specific code,
allowing more ability to port to other Web servers and easier adapt to
changes in Apache (such as the jump from v1 to v2).  However, there just
was not enough resources (just him) to rewrite for both Apache 1 and
Apache 2 as the architectures of the two platforms are so different, so
the obvious choice is to target the latest (Apache 2) with a design that
was better suited to other platforms (Apache 1, IIS, etc).  The core
engine in 2.5 is pretty close to being separated from the Apache code,
however there is not a well defined separation (API) for a separate
Apache 1 module to live by itself.  I believe that there was always
intention to add Apache 1.3 support in ModSecurity, but there just was
just not much demand for it and so it never came about.

The next major ModSecurity release will be 2.6.  This will focus more on
modularity and the ability to write third-party modules more easily.  At
this point, I think it will be easier to consider a separate modular
port to Apache 1, but probably not by Breach -- especially now that
Apache 2.4 is being carved and the End of Life of 1.3 is finally
becoming a reality
(http://mail-archives.apache.org/mod_mbox/httpd-dev/201001.mbox/%3C6...@ma...%3E)
as may be 2.0 as well
(http://mail-archives.apache.org/mod_mbox/httpd-dev/201001.mbox/%3Cc...@ma...%3E).
 The capabilities should be there and it would be a good community
project if there truly is a market demand for Apache 1 support.

thanks,
-B

Peter M. Abraham wrote:
> Greetings Brian:
> 
> We are on H-Sphere 3.0.0 P9.
> 
> And while H-Sphere 3.1 forward (Parallels maintains several product lines like mySQL,  Apache, etc.  -- most of which is considered stable and alive) does support the option to pick on a server-by-server basis whether to be on Apache 1 or Apache 2, we've not yet seen enough incentives to be on Apache 2.
> 
> While mod_security 2 is one incentive, it is not large enough to have us leave an extremely stable, supported by the Apache community (that is to state, not declared EOL), Apache 1 along with the stability we have with H-Sphere 3.0.0 P9 (almost all of the new versions - multi-branch like mySQL, Apache, etc.) have stability issues.
> 
> What I don't understand is that since Apache 1.3.41 has not been declared EOL, and Apache 1 is still very popular, why Breach doesn't support both versions of Apache.   But that's just my own lack of understanding.
> 
> Thank you.
> 
> ________________________________________________
> Peter M. Abraham
> Support and Customer Care Department
> Dynamic Net, Inc.
> Helping companies do business on the Net
> 13 Cowpath
> Denver, PA 17517
> Toll Free Voice: 1-888-887-6727
> International: 1-717-484-1062
> FAX: 1-717-484-1162
> Web:  http://www.dynamicnet.net/services/hsphere.htm
> 
>> -----Original Message-----
>> From: Brian Rectanus [mailto:Bri...@br...]
>> Sent: Monday, January 04, 2010 5:38 PM
>> To: sup...@dy...
>> Cc: mod...@li...
>> Subject: Re: [mod-security-users] Does mod_security 1.9.5 work with 64-bit unix?
>>
>>
>> Peter M. Abraham wrote:
>>> Greetings:
>>>
>>> We and many of our colleagues use a hosting automation system where Apache
>>> 1.3 (Apache, like mySQL maintains several production lines) is still the
>>> flavor and will be for a number of years to come.
>>>
>>> Are there any adjustments that need to be made to mod_security.c under Mod
>>> Security 1.9.5 for it to compile under CentOS 5.4 64-bit when using Apache
>>> 1?
>> What automation system are you using that is not at least Apache 2.0
>> compatible?
> 

-- 
Brian Rectanus
Breach Security