Feature plans regarding libmodsecurity and nginx connector
Posted: Wed Jul 08, 2015 9:11 am
Hi guys,
As of july 2015 getting modsecurity production ready for nginx is very hard. Atomic is providing experimental rules for NGINX and they seems to work oke.
If I understand correct modsecurity 3.0 will be renamed to libmodsecurity (https://github.com/SpiderLabs/ModSecuri ... odsecurity) and every webserver is getting it's own connecter talking to this library. I think this is the way to go, because modsecurity is to much build upon Apache now and it's to bloated when using a non apache server.
I don't know about rules compatibility but will Atomicorp start publishing rules for libmodsecurity if it reaches a point so that libmodsecurity is usable?
Just curious
- Gerwin
As of july 2015 getting modsecurity production ready for nginx is very hard. Atomic is providing experimental rules for NGINX and they seems to work oke.
If I understand correct modsecurity 3.0 will be renamed to libmodsecurity (https://github.com/SpiderLabs/ModSecuri ... odsecurity) and every webserver is getting it's own connecter talking to this library. I think this is the way to go, because modsecurity is to much build upon Apache now and it's to bloated when using a non apache server.
I don't know about rules compatibility but will Atomicorp start publishing rules for libmodsecurity if it reaches a point so that libmodsecurity is usable?
Just curious
- Gerwin