[Pkg-nginx-maintainers] Bug#1012495: RFP: libnginx-mod-http-modsecurity - ModSecurity v3 Nginx Connector
Patrick Schleizer
adrelanos at whonix.org
Wed Jun 8 12:29:58 BST 2022
Package: wnpp
Severity: wishlist
X-Debbugs-CC: pkg-nginx-maintainers at alioth-lists.debian.net
* Package name : libnginx-mod-http-modsecurity
Version : v3.0.7
Upstream Author : Trustwave's SpiderLabs
* URL : https://github.com/SpiderLabs/ModSecurity-nginx
* License : Apache 2.0
Programming Lang: C
Description : ModSecurity v3 Nginx Connector
long description:
The ModSecurity-nginx connector is the connection point between nginx
and libmodsecurity (ModSecurity v3). Said another way, this project
provides a communication channel between nginx and libmodsecurity. This
connector is required to use LibModSecurity with nginx.
The ModSecurity-nginx connector takes the form of an nginx module. The
module simply serves as a layer of communication between nginx and
ModSecurity.
Notice that this project depends on libmodsecurity rather than
ModSecurity (version 2.9 or less).
license file:
https://github.com/SpiderLabs/ModSecurity-nginx/blob/master/LICENSE
additional information:
Hopefully adding this package to packages.debian.org would be
comparatively easy. It's already as a custom deb package from a custom
deb repository and stable for years. [1]
The maintainer of the custom libnginx-mod-http-modsecurity deb package
is Ervin Hegedüs. He is a CRS developer [2], Debian Maintainer [3] and
ModSecurity [4] code contributor.
Ervin, already a Debian Maintainer, would like to add the package to
Debian too. [5]
[1] https://modsecurity.digitalwave.hu/
[2]
https://github.com/coreruleset/coreruleset/blob/v3.4/dev/CONTRIBUTORS.md#developers
[3] https://nm.debian.org/person/airween/
[4]
https://github.com/SpiderLabs/ModSecurity/pulls?q=is%3Apr+is%3Aclosed+author%3Aairween
[5] https://github.com/SpiderLabs/ModSecurity-nginx/issues/282
More information about the Pkg-nginx-maintainers
mailing list