Re: [mod-security-users] Mod Security and WebSphere
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [mod-security-users] Mod Security and WebSphere
|
From: Ivan R. <iva...@gm...> - 2006-04-10 22:44:19
|
On 4/10/06, De Vries, Richard <Ric...@bm...> wrote: > While doing some debugging on a web-application, I noticed that the > mod_security plug-in appears to sit below the WebSphere plugin in the htt= p > process stack. Is that indeed correct? I don't know, I've never had an opportunity to install ModSecurity into a web server running the WebSphere plug-in. Do you know which hook the plug-in runs at? There's only one hook in Apache that "handles" requests and ModSecurity runs before it. However, it is entirely possible for someone to write a plug-in that handles the request during one of the previous phases. It would be a wrong thing to do but it's still possible. > I can block a request in Mod_Security, yet see it hit the websphere plug-= in > still. It does eventually block the request. Other than re-compiling it w= ith > that particular setting to hook it higher into the webserver (drastically > high if you ask me), is there any other way to get it to execute prior to > the webserver plugin? Perhaps you mean the experimental ENABLE_EARLY_HOOK compile-time switch? Custom-compiling ModSecurity is probably the only solution for this problem. ModSecurity v2 will come with a built-in early processing phase so you shouldn't need to recompile. -- Ivan Ristic, Technical Director Thinking Stone, http://www.thinkingstone.com ModSecurity: Open source Web Application Firewall |
