Hi Thierry, Dragan, On Mon, May 29, 2017 at 11:25:48AM +0200, Thierry Fournier wrote: > Hi dragan, thats a great news.
Yep great news and apparently great work (as usual). > Just for information, the official project âmod_defenderâ is now here > > https://github.com/VultureProject/mod_defender Since both of them are at the exact same commit ID, do you know if the project simply moved or is forked ? Does this mean we should expect to find updates only at the new URL above and not at the previous one ? Or maybe someone should just contact the project maintainer to know which one is supposed to be the right one. Two other comments while I'm thinking about this : - Dragan, I think it could be useful to mention in the README that in its current state, the module is limited by haproxy to the analysis of the first buffer and that just like for the mod_sec equivalent, one workaround may consist in significantly increasing haproxy's buffer size ; - Thierry/Dragan, given that both of your contribs were made from Apache modules, do you think it would be useful/feasible to have a more generic SPOE<->APR agent to natively support more Apache modules ? Some people might want to recompress images or inline CSS and JS for example, and while I totally despise these practises which modify the delivered contents and corrupt caches, I can understand why some people would prefer to run this on the edge LB than having to configure it on all hosted servers. Let's wait for a bit more feedback (if any) but at least from a quality perspective I'm fine with merging it as-is. Cheers, Willy
