Hi dragan, thats a great news. Just for information, the official project “mod_defender” is now here
https://github.com/VultureProject/mod_defender <https://github.com/VultureProject/mod_defender> Thierry > On 29 May 2017, at 10:29, Dragan Dosen <ddo...@haproxy.com> wrote: > > Hi all, > > I'm sending you a patch for Mod Defender (a NAXSI clone) integration -- > a service that talks SPOE and uses the Mod Defender > (https://github.com/Annihil/mod_defender) functionality to detect HTTP > attacks. It returns a HTTP status code to indicate whether the request > is suspicious or not, based on NAXSI rules. The value of the returned > status can be used in HAProxy rules to determine if the HTTP request > should be blocked/rejected. > > Unlike ModSecurity, Mod Defender is a whitelist based WAF (everything is > disallowed, unless there are rules saying otherwise). It's a partial > replication of NAXSI and it uses NAXSI compatible rules configuration > format. > > Any comments are welcome. > > > Best regards, > Dragan Dosen > <0001-MINOR-Add-Mod-Defender-integration-as-contrib.patch>
