Anthony Toma • February 15, 2022 • Comments Off on Libmodsecurity is the one component of the ModSecurity v3 venture
The library codebase functions as an interface to ModSecurity Connectors taking-in online traffic and using old-fashioned ModSecurity running. Generally speaking, it gives the ability to load/interpret formula meeting divorced singles written in the ModSecurity SecRules structure and implement them to HTTP contents provided by your application via Connectors.
Libmodsecurity was a complete rewrite from the ModSecurity platform. When it was first developed the ModSecurity task started as simply an Apache module. In the long run the project was longer, due to well-known need, to support various other networks such as (however simply for) Nginx and IIS. In order to provide for the developing demand for added system service, it’s got became necessary to remove the Apache dependencies root this job, which makes it more system independent.
Due to this goal we now have rearchitected Libmodsecurity such that it has stopped being determined by the Apache internet machine (both at collection and during runtime). One effect of this is the fact that across all networks users should expect improved abilities. Moreover, there is used this possibility to put the groundwork for many additional features that customers have already been long pursuing. Including the audience is trying to natively assistance auditlogs from inside the JSON style, combined with a host of additional functionality in the future forms.
The ‘ModSecurity’ part no more offers the standard component reasoning (for Nginx, Apache, and IIS) which includes traditionally come packaged altogether. Alternatively, this branch just offers the collection section (libmodsecurity) with this job. This library is actually used by what we’ve called ‘connections’ these connectors will interface with your webserver and offer the library with a standard format it comprehends. Each of these connections are maintained as another GitHub job. For example, the Nginx connector is supplied from the ModSecurity-nginx task (
Keeping these fittings separated allows each project to possess various launch series, issues and development trees. Moreover, it means whenever you download ModSecurity v3 you only bring precisely what you will want, no extras you simply won’t be utilizing.
Before starting the collection procedure, make certain you have got all the dependencies in position. Browse the subsection aˆ?Dependenciesaˆ? for additional ideas.
After the compilation make sure that there are no problem on your build/platform. We strongly recommend the usage of the system reports and regression tests. These examination utilities are observed within the subfolder aˆ?tests’.
As a dynamic library, bear in mind that libmodsecurity must be put in to a place (folder) the place you OS will likely be shopping for dynamic libraries.
This library is written in C++ using the C++11 standards. It uses Flex and Yacc to produce the aˆ?Sec guidelines Languageaˆ? parser. Some other, necessary dependencies feature YAJL, as ModSecurity makes use of JSON for producing logs and its evaluation framework, libpcre (not even compulsory) for running typical expressions in SecRules, and libXML2 (not yet mandatory) used for parsing XML needs.
All others dependencies are linked to operators given within SecRules or arrangement directives and might not be needed for collection. This short range of such dependencies can be pursue:
If those libraries are missing ModSecurity should be put together with no assistance when it comes to driver together with arrangement directive SecRemoteRules.
The collection documentation is written in the signal in Doxygen format. cfgaˆ?, situated aided by the “doc/” subfolder. This will generate HTML formatted documents such as usage instances.