Thread: [mod-security-users] Varnish modsecurity binding
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
mod-security-users
|
From: Xavier De C. <xd...@gm...> - 2019-07-01 17:15:34
|
Hello, As the use case became apparent in a company i work for, i've implemented a small binding for the varnish proxy software. This should be considered a proof of concept between alpha and beta quality. However to be able to stabilise the vmod, tests will prove useful. As with all project i recommend you yo test it on a staging env if possible, review the code. Doc, test coverage & so on are still ongoing. But i'll be happy to take any feedback and help make a contribution that will help other users. Currently most of it is ok, the body handling still need a more efficient way of being done ( via varnish delivery (6.2) or fetch processor(6.1). But i'm still searching for a way to access request privates variables. Thanks a lot for your attention and help. Regards, Xavier |
|
From: Christian F. <chr...@ne...> - 2019-07-01 17:20:30
|
Hello Xavier, This sounds interesting. Do you have a link perhaps? Ahoj, Christian On Mon, Jul 01, 2019 at 07:15:18PM +0200, Xavier De Cock wrote: > Hello, > > As the use case became apparent in a company i work for, i've implemented a > small binding for the varnish proxy software. This should be considered a > proof of concept between alpha and beta quality. > > However to be able to stabilise the vmod, tests will prove useful. > > As with all project i recommend you yo test it on a staging env if > possible, review the code. > > Doc, test coverage & so on are still ongoing. But i'll be happy to take any > feedback and help make a contribution that will help other users. > > Currently most of it is ok, the body handling still need a more efficient > way of being done ( via varnish delivery (6.2) or fetch processor(6.1). But > i'm still searching for a way to access request privates variables. > > Thanks a lot for your attention and help. > > Regards, > > Xavier > _______________________________________________ > mod-security-users mailing list > mod...@li... > https://lists.sourceforge.net/lists/listinfo/mod-security-users > Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs: > http://www.modsecurity.org/projects/commercial/rules/ > http://www.modsecurity.org/projects/commercial/support/ |
|
From: Xavier De C. <xd...@gm...> - 2019-07-01 17:34:11
|
And that's what i forgot :) https://github.com/xdecock/vmod-modsecurity The doc is readabke in the src/*.vcc Le lun. 1 juil. 2019 à 19:22, Christian Folini <chr...@ne...> a écrit : > Hello Xavier, > > This sounds interesting. Do you have a link perhaps? > > Ahoj, > > Christian > > On Mon, Jul 01, 2019 at 07:15:18PM +0200, Xavier De Cock wrote: > > Hello, > > > > As the use case became apparent in a company i work for, i've > implemented a > > small binding for the varnish proxy software. This should be considered a > > proof of concept between alpha and beta quality. > > > > However to be able to stabilise the vmod, tests will prove useful. > > > > As with all project i recommend you yo test it on a staging env if > > possible, review the code. > > > > Doc, test coverage & so on are still ongoing. But i'll be happy to take > any > > feedback and help make a contribution that will help other users. > > > > Currently most of it is ok, the body handling still need a more efficient > > way of being done ( via varnish delivery (6.2) or fetch processor(6.1). > But > > i'm still searching for a way to access request privates variables. > > > > Thanks a lot for your attention and help. > > > > Regards, > > > > Xavier > > > > _______________________________________________ > > mod-security-users mailing list > > mod...@li... > > https://lists.sourceforge.net/lists/listinfo/mod-security-users > > Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs: > > http://www.modsecurity.org/projects/commercial/rules/ > > http://www.modsecurity.org/projects/commercial/support/ > > > > _______________________________________________ > mod-security-users mailing list > mod...@li... > https://lists.sourceforge.net/lists/listinfo/mod-security-users > Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs: > http://www.modsecurity.org/projects/commercial/rules/ > http://www.modsecurity.org/projects/commercial/support/ > |
|
From: Ted T. <tal...@ho...> - 2019-07-03 08:09:57
|
stop your mail please ________________________________ From: Xavier De Cock <xd...@gm...> Sent: Monday, July 1, 2019 5:34 PM To: mod...@li... Subject: Re: [mod-security-users] Varnish modsecurity binding And that's what i forgot :) https://github.com/xdecock/vmod-modsecurity The doc is readabke in the src/*.vcc Le lun. 1 juil. 2019 à 19:22, Christian Folini <chr...@ne...<mailto:chr...@ne...>> a écrit : Hello Xavier, This sounds interesting. Do you have a link perhaps? Ahoj, Christian On Mon, Jul 01, 2019 at 07:15:18PM +0200, Xavier De Cock wrote: > Hello, > > As the use case became apparent in a company i work for, i've implemented a > small binding for the varnish proxy software. This should be considered a > proof of concept between alpha and beta quality. > > However to be able to stabilise the vmod, tests will prove useful. > > As with all project i recommend you yo test it on a staging env if > possible, review the code. > > Doc, test coverage & so on are still ongoing. But i'll be happy to take any > feedback and help make a contribution that will help other users. > > Currently most of it is ok, the body handling still need a more efficient > way of being done ( via varnish delivery (6.2) or fetch processor(6.1). But > i'm still searching for a way to access request privates variables. > > Thanks a lot for your attention and help. > > Regards, > > Xavier > _______________________________________________ > mod-security-users mailing list > mod...@li...<mailto:mod...@li...> > https://lists.sourceforge.net/lists/listinfo/mod-security-users > Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs: > http://www.modsecurity.org/projects/commercial/rules/ > http://www.modsecurity.org/projects/commercial/support/ _______________________________________________ mod-security-users mailing list mod...@li...<mailto:mod...@li...> https://lists.sourceforge.net/lists/listinfo/mod-security-users Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs: http://www.modsecurity.org/projects/commercial/rules/ http://www.modsecurity.org/projects/commercial/support/ |
|
From: Ervin H. <ai...@gm...> - 2019-07-03 09:47:27
|
On Wed, Jul 03, 2019 at 08:09:55AM +0000, Ted Talaiti wrote: > > stop your mail please please review this page: https://sourceforge.net/projects/mod-security/lists/mod-security-users/unsubscribe enter your e-mail address, and see what happens... Regards, a. |
|
From: Felipe Z. <fe...@zi...> - 2019-07-03 13:30:20
|
Hi Xavier, Thank you for the effort on that. I am sure that is a precious addition to the libModSecurity family. I am delighted to see the bindings and how the community is fastly growing around libModSecurity. It is terrific to see people from the community engaged in contributing. Currently, we also have bindings for Python that is also maintained by the community - https://github.com/actions-security/pymodsecurity For me, this means a lot; The possibility of extendability (by bindings and others) was discussed back on the decision to move forward and create version 3 [ http://blog.zimmerle.org/2016/01/an-overview-of-upcoming-libmodsecurity.html ]. So, thank you ;) I have added your project to libModSecurity README file - https://github.com/SpiderLabs/ModSecurity/blob/v3/master/README.md#bindings Br., Felipe On Mon, Jul 1, 2019 at 2:15 PM Xavier De Cock <xd...@gm...> wrote: > Hello, > > As the use case became apparent in a company i work for, i've implemented > a small binding for the varnish proxy software. This should be considered a > proof of concept between alpha and beta quality. > > However to be able to stabilise the vmod, tests will prove useful. > > As with all project i recommend you yo test it on a staging env if > possible, review the code. > > Doc, test coverage & so on are still ongoing. But i'll be happy to take > any feedback and help make a contribution that will help other users. > > Currently most of it is ok, the body handling still need a more efficient > way of being done ( via varnish delivery (6.2) or fetch processor(6.1). But > i'm still searching for a way to access request privates variables. > > Thanks a lot for your attention and help. > > Regards, > > Xavier > > _______________________________________________ > mod-security-users mailing list > mod...@li... > https://lists.sourceforge.net/lists/listinfo/mod-security-users > Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs: > http://www.modsecurity.org/projects/commercial/rules/ > http://www.modsecurity.org/projects/commercial/support/ > -- Br., Felipe Zimmerle |
|
From: Ted T. <tal...@ho...> - 2019-07-07 16:26:56
|
stop your mail please ________________________________ From: Ervin Hegedüs <ai...@gm...> Sent: Wednesday, July 3, 2019 9:47 AM To: mod...@li... Subject: Re: [mod-security-users] Varnish modsecurity binding On Wed, Jul 03, 2019 at 08:09:55AM +0000, Ted Talaiti wrote: > > stop your mail please please review this page: https://sourceforge.net/projects/mod-security/lists/mod-security-users/unsubscribe enter your e-mail address, and see what happens... Regards, a. _______________________________________________ mod-security-users mailing list mod...@li... https://lists.sourceforge.net/lists/listinfo/mod-security-users Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs: http://www.modsecurity.org/projects/commercial/rules/ http://www.modsecurity.org/projects/commercial/support/ |
|
From: Reindl H. <h.r...@th...> - 2019-07-07 16:35:07
|
Am 07.07.19 um 18:26 schrieb Ted Talaiti: > stop your mail please this is a pretty dumb response to a link how to unsubscribe days ago instead stop *your* list spamming and unsubsribe like everybody but you is capable to do mailto:mod...@li...?subject=unsubscribe > ------------------------------------------------------------------------ > *From:* Ervin Hegedüs <ai...@gm...> > *Sent:* Wednesday, July 3, 2019 9:47 AM > *To:* mod...@li... > *Subject:* Re: [mod-security-users] Varnish modsecurity binding > > On Wed, Jul 03, 2019 at 08:09:55AM +0000, Ted Talaiti wrote: >> >> stop your mail please > > please review this page: > > https://sourceforge.net/projects/mod-security/lists/mod-security-users/unsubscribe > > enter your e-mail address, and see what happens... |
Thanks for helping keep SourceForge clean.
X