Hello everybody, Recently, we (the Zevenet Team) integrated libmodsecurity 3.0.3 in Pound. So, if it is useful for anybody or somebody wants to try it, it is available in the GitHub Zevenet Pound repository:
https://github.com/zevenet/pound. I regret cannot add a patch only with the WAF code, but the Zevenet Pound code has diverged a lot from its original point. Other community patches have been applied and other developments too. As brief information: * The ruleset directives are global for all HTTP/S listeners in a Pound process. * The "WafRule" directive is a file with the Modsecurity directives to execute. Several wafRule directives can be added to a pound config file. * The "WafBodySize" directive sets a limit for the body buffer. If the request body or response body is bigger than this value, the body will not be inspected. The 0 value does not set any limit. * pounctl -R -s <pound_ctl_socket>, will reload the WAF rules without stopping the load balancing service. If anybody has a doubt or suggestion for improvement I will be glad to hear it. Regards, Alvaro -- Álvaro Cano Development and Support Department www.zevenet.com <https://www.zevenet.com/skype-redirect/?user=alvaro.c...@zevenet.com> <https://www.facebook.com/zevenet> <https://twitter.com/zevenet> <https://www.linkedin.com/company/zevenet> <https://github.com/zevenet> <https://sourceforge.net/projects/zevenet/> [image: Zevenet] <https://www.zevenet.com/signature/> DISCLAIMER: This message contains confidential information and is intended only for the individual named. If you are not the named addressee please notify the sender immediately by email if you have received it by mistake and delete it from your system, you should not disseminate, distribute or copy this email in whole or in part.