Libmodsecurity is the one element of the ModSecurity v3 task

Libmodsecurity is the one element of the ModSecurity v3 task

The collection codebase serves as a software to ModSecurity fittings consuming web traffic and using conventional ModSecurity operating. In general, it offers the ability to load/interpret regulations printed in the ModSecurity SecRules structure and implement them to HTTP content material given by the job via Connectors.

To come up with this documents, kindly make use of the doxygen electric making use of given arrangement document, aˆ?doxygen

  • All Apache dependencies happen removed
  • Greater performance
  • Additional features
  • New architecture

Libmodsecurity is a whole write of ModSecurity program. With regards to was first designed the ModSecurity task going as simply an Apache module. Over time your panels is prolonged, due to common need, to support other networks such as (however simply for) Nginx and IIS. To be able to provide for the expanding demand for additional platform service, it offers became important to take away the Apache dependencies root this venture, which makes it much more system separate.

Because of this aim we have rearchitected Libmodsecurity such that it has stopped being influenced by the Apache web server (both at collection and during runtime). One side-effect for this is across all networks users can expect increased efficiency. Furthermore, we have taken this possibility to set the groundwork for most additional features that consumers were long searching for. Eg the audience is seeking natively assistance auditlogs inside JSON structure, in addition to a host of various other features in the future versions.

The ‘ModSecurity’ department no longer provides the standard module reason (for Nginx, Apache, and IIS) with which has traditionally become packed altogether. Alternatively, this department only provides the library part (libmodsecurity) with this project. This library was used in what we’ve termed ‘connections’ these fittings will program along with your webserver and supply the collection with a typical format that it understands. Each one of these fittings was maintained as a different GitHub venture. For instance, the Nginx connector is supplied by the ModSecurity-nginx task (

Keeping these connections separated enables each project having different release series, problems and developing woods. In addition, this means that after you download ModSecurity v3 you only bring precisely what you want, no extras you may not be utilizing.

Before starting the collection techniques, ensure that you have all the dependencies positioned. Take a look at subsection aˆ?Dependenciesaˆ? for further details.

After the collection be sure that there aren’t any issues on your own build/platform. We strongly recommend the use of the unit examinations and regression reports. These test tools are located beneath the subfolder aˆ?tests’.

As a vibrant collection, remember that libmodsecurity ought to be put in to an area (folder) where you OS will likely be in search of dynamic libraries.

This library is written in C++ using the C++11 expectations. Additionally, it utilizes Flex and Yacc to create the aˆ?Sec regulations Languageaˆ? parser. Some other, mandatory dependencies integrate YAJL, as ModSecurity utilizes JSON for creating logs as well as its tests platform, libpcre (not yet necessary) for processing routine expressions in SecRules, and libXML2 (not even mandatory) used for parsing XML requests.

Others dependencies become associated with operators given within SecRules or arrangement directives and may also not needed for compilation. This short directory of such dependencies is just as pursue:

To create this documentation, please make use of the doxygen utility making use of the provided arrangement file, aˆ?doxygen

  • libinjection is required for the agent and
  • curl is needed when it comes down to directive SecRemoteRules.

If those libraries is lost ModSecurity will likely be gathered without the help for the operator while the setup directive SecRemoteRules.

The collection documents is written within rule in Doxygen style. cfgaˆ?, placed using «doc/» subfolder. This will build HTML formatted records like consumption instances.

Dejar un comentario

Tu dirección de correo electrónico no será publicada. Los campos obligatorios están marcados con *