Le 29 mai 2017 11:40:47 AM Willy TARREAU <[email protected]> a écrit :
Hi Thierry, Dragan,
On Mon, May 29, 2017 at 11:25:48AM +0200, Thierry Fournier wrote:
Hi dragan, thats a great news.
Yep great news and apparently great work (as usual).
Just for information, the official project “mod_defender” is now here
https://github.com/VultureProject/mod_defender
Since both of them are at the exact same commit ID, do you know if the
project simply moved or is forked ? Does this mean we should expect to
find updates only at the new URL above and not at the previous one ? Or
maybe someone should just contact the project maintainer to know which
one is supposed to be the right one.
The project owner says that is moved. I suppose that is for using the brand
of his own company.
Two other comments while I'm thinking about this :
- Dragan, I think it could be useful to mention in the README that in
its current state, the module is limited by haproxy to the analysis
of the first buffer and that just like for the mod_sec equivalent,
one workaround may consist in significantly increasing haproxy's
buffer size ;
- Thierry/Dragan, given that both of your contribs were made from
Apache modules, do you think it would be useful/feasible to have
a more generic SPOE<->APR agent to natively support more Apache
modules ? Some people might want to recompress images or inline
CSS and JS for example, and while I totally despise these
practises which modify the delivered contents and corrupt caches,
I can understand why some people would prefer to run this on the
edge LB than having to configure it on all hosted servers.
Hard question. the question is not about spoe <-> apr but spoe <-> apache
throuhgt apr. the usage of modsecurity I just writen the code used by
modsec, but for more compatibility we must implement the behavior of apache
and it is a big job and a little bit hazardous.
Thierry
Let's wait for a bit more feedback (if any) but at least from a quality
perspective I'm fine with merging it as-is.
Cheers,
Willy
