Interests in mod_security support ?

Guillaume Berche


Mod_security [1] is a flexible opensource web application firewall, which
runs configureable rules to detect and possible filter malicious incoming
HTTP requests received (XSS, SQL injection ....). Orange is preparing a PR
to add support for mod_security in the php_buildpack [2].

I'd be interested to hear if there is interest for such support in the
community and specific requirements/refinements over Orange's initial work
to be done.

Thanks in advance,


ps: A possible future integration could also be packaged as a
fully-brokered route service in the future, which could be applying to all
buildpacks. As a 1st step, we focussed our effort to httpd within php
buildpack, mainly to avoid the added network hops implied by the
fully-brokered service