Interests in mod_security support ?
Mod_security  is a flexible opensource web application firewall, which
runs configureable rules to detect and possible filter malicious incoming
HTTP requests received (XSS, SQL injection ....). Orange is preparing a PR
to add support for mod_security in the php_buildpack .
I'd be interested to hear if there is interest for such support in the
community and specific requirements/refinements over Orange's initial work
to be done.
Thanks in advance,
ps: A possible future integration could also be packaged as a
fully-brokered route service in the future, which could be applying to all
buildpacks. As a 1st step, we focussed our effort to httpd within php
buildpack, mainly to avoid the added network hops implied by the