Mod_Security Implementation Documentation Petition

J.T.

Well-Known Member
#1
Hi,

It seems that LSWS doesn't fully support all mod_security features and it is unclear what its limitations exactly are.

Using rules from popular subscription lists is a difficult task, not knowing what we can and can't do with LSWS in terms of this well-established security feature.

Consider this something of a petition, requesting you to:

A) Document exactly the subset of mod_security features LSWS incorporates and hopefully;

B) Add full mod_security compatibility, making it a drop-in replacement of the original Apache module, in future LSWS versions.

To this day, having run LSWS for about 5 months, I'm loving it to bits. What a change from Apache it is! A full or at least well-documented mod_security implementation will satisfy a lot of companies' security needs, making it truly Enterprise IMHO.

Is there anything on the roadmap that aims to tackle the above two requests to some extent already?

Anyone else wanting this to happen?
 

cmanns

Well-Known Member
#2
I'd like to see a better mod_security implementation.

I don't use mod sec, though I'm recently interested.

We need a built-in rule subset that watches IP traffic. Some sites like a PHP-based tracker use 100's of hits, but what about 1 IP downloading an image over and over and over, or sending SQL, what PHP site uses SQL in the URL these days?

I saw one site push out 200GB of bw just from images, would have been awesome if that was blocked.
 

J.T.

Well-Known Member
#3
I'm pleased to see in the .17 and .18 release notes that progress has been made in this department.

Is there any up to date documentation on this or a more in-depth explanation of what has been added in these latest versions?
 