Re: [Mod-security-developers] More about ModSecurity version 3
Brought to you by:
victorhora,
zimmerletw
From: Christian F. <chr...@ti...> - 2016-01-07 10:33:51
|
Felipe, Thank you for the links. In fact I missed the posts (despite your previous announcement). They are advertised on the ModSec website, but I tried to see them via http://blog.spiderlabs.com/modsecurity but the ModSecurity tag is missing on the posts. So glad you linked them here on the mailinglists too. I like the overview presented in the libModSecurity blogpost. It extends on the things I understood so far and makes a good point why this step means a very big opportunity. Modularity is key for successful development (with known exceptions). So I wish you good luck in attracting more help to finish the job. It would be sweet, if we could see more community development happening in the ModSecurity code. Did I get it correctly, that libModSecurity is no longer written in C, but in C++? Does that extend on the connectors to? Community testing: You ask for testers and I think this is an important point. Hopefully you get the necessary beta testers. However, by focusing on nginx, you cut yourself from a big part of the ModSecurity audience. But those who do the work get to make the decisions. So this is a reasonable choice. And in fact, I understand your reasoning (the problems with ModSec 2.x where the most striking with the nginx port, among other reasons) but it might prove problematic. The Python Rule Import blogpost is even cooler. I did not think of this before. I know that there are options to do this with the Core Rules on nginx already, but now that it seems to become available for my platform as well, my mind is spinning madly thinking about use cases. This is really neat. Please keep us posted on the progress of the work. Best, Christian P.S. You used to plan for a community meeting in December. That did not happen. Any new plans for the next meeting? -- Learn this lesson, that to be self-contented is to be vile and ignorant, and that to aspire is better than to be blindly and impotently happy. -- Edwin Abbott Abbott |