Re: [mod-security-users] Language Bindings for libmodsecurity/ModSecurity v3
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [mod-security-users] Language Bindings for libmodsecurity/ModSecurity v3
|
From: Osama E. <oel...@gm...> - 2018-06-07 04:25:38
|
Hi Robert, I still haven’t started but i was interested in seeing what others had done in this area. My use case was in FaaS (Lambda, Azure Functions, etc.) architectures / environments where you can’t deploy ModSecurity in-line (unless you re-architecture everything to through some instances which is an anti-pattern) and the WAF provided by your cloud provider is very limited. It is interesting that you mentioned performance. Could you shed more light on this? Is the performance hit significantly more than standard ModSecurity? Thanks. -- Osama Elnaggar On June 7, 2018 at 8:39:44 AM, Robert Paprocki ( rpa...@fe...) wrote: Hi, On Wed, Jun 6, 2018 at 2:28 PM, Chaim Sanders <ch...@ch...> wrote: > I think you might be looking for something like this: > > https://github.com/SpiderLabs/ModSecurity/tree/v3/master/ > examples/simple_example_using_c > I was going to suggest this as well ^ I started writing bindings for both PUC Lua and LuaJIT (ffi), but stopped for performance reasons There is also https://github.com/senghoo/modsecurity-go, but it is abandoned at this point (again for performance reasons). Overall, for any integration there will be two focal points: gathering HTTP data to feed into libmodsecurity, and the C/swing/FFI/whatever-have-you logic to integrate libmodsecurity into the environment in question. Are there any specific troubles or spots of question you're running into while building an integration? ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot_______________________________________________ mod-security-users mailing list mod...@li... https://lists.sourceforge.net/lists/listinfo/mod-security-users Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs: http://www.modsecurity.org/projects/commercial/rules/ http://www.modsecurity.org/projects/commercial/support/ |
