Hi,

Mod_security [1] is a flexible opensource web application firewall, which
runs configureable rules to detect and possible filter malicious incoming
HTTP requests received (XSS, SQL injection ....). Orange is preparing a PR
to add support for mod_security in the php_buildpack [2].

I'd be interested to hear if there is interest for such support in the
community and specific requirements/refinements over Orange's initial work
to be done.

Thanks in advance,

Guillaume.

ps: A possible future integration could also be packaged as a
fully-brokered route service in the future, which could be applying to all
buildpacks. As a 1st step, we focussed our effort to httpd within php
buildpack, mainly to avoid the added network hops implied by the
fully-brokered service

[1] https://www.modsecurity.org
[2] https://github.com/cloudfoundry/php-buildpack/issues/144