Modsecurity: Implement Redis support as Collection backend on libmodsecurity

Created on 5 May 2016  路  13Comments  路  Source: SpiderLabs/ModSecurity

ModSecurity version 3 architecture allow the utilization of multiple backends, including redis. The support should be implemented. The interface is available here:

https://github.com/SpiderLabs/ModSecurity/blob/libmodsecurity/headers/modsecurity/collection/collection.h

RIP - libmodsecurity libmodsec - missing features

Most helpful comment

Hi,

The VultureProject team (https://vultureproject.org/) is currently developing this feature for ModSecurity v3.
We are working to make it available for everyone as soon as possible.

Regards,

Hugo SOSZYNSKI
Vulture Team

All 13 comments

Will this support connecting to redis over a unix socket? Would be very useful for multi tenant environments :)

Hi @tedwardia, the support for Redis [or Memcache] should be independent of transport. That way you will be able to use what fits better inside your environment. Notice that you will be also able to choose which backend you want to use.

Hi,

Is there any redis support? Redis would be great for this!

Major +1

It should be supported? And how to configure redis as backend? :)

Hi,

The VultureProject team (https://vultureproject.org/) is currently developing this feature for ModSecurity v3.
We are working to make it available for everyone as soon as possible.

Regards,

Hugo SOSZYNSKI
Vulture Team

@HugoSoszynski if you need to discuss any aspect of the implementation, I will be glad to help.

@HugoSoszynski any position so far?

Hi,

@zimmerle You can check the work done so far here : https://github.com/VultureProject/ModSecurity/tree/remotes/trunk/src/collection/backend .

A summary of the features and the design informations is available in my last commit (https://github.com/VultureProject/ModSecurity/commit/71ba1d041e10c508dc47a471f76185d2295d90da).

I am currently testing the internal methods such as querying and fail-over in our infrastructures as it is pretty hard to create a REDIS cluster on a Travis VM.
Once the internal methods are validated, I will implement the Collections methods and start Travis unit testing.

If you have any question, suggestion and / or correction to submit, feel free to open an Issue on the VultureProject repository.

Regards,

Hugo SOSZYNSKI
Vulture Team

good news! :) i will be looking in to it.

Hi,

@zimmerle
In my quest to replicate the actual behavior of Collections with REDIS I'm having some trouble:

  • Is there any documentation about the exact detailed behavior of the Collection methods ?
  • As REDIS does not authorize multiple identical keys, I found a workaround using LIST object. However, it is pretty hard to emulate the behavior of an std::unordered_multimap or LMDB; must the REDIS Collection have the exact same behavior ?

I hope we find some solutions to these questions.
Regards,

Hugo SOSZYNSKI
Vulture Team

Hi @HugoSoszynski,

  • There is no documentation about it :(
  • There is the need to have a middle ware, converting the ModSecurity data into Redis and vice-versa. A good way to test if it is working is by running the regression tests.

It seem VultureProject stopped implementing redis backend for modsecurity. :(

https://github.com/VultureProject/ModSecurity/

Was this page helpful?
0 / 5 - 0 ratings

Related issues

zimmerle picture zimmerle  路  6Comments

SteffenAL picture SteffenAL  路  5Comments

venkibits picture venkibits  路  4Comments

victorhora picture victorhora  路  3Comments

DeoMortis picture DeoMortis  路  4Comments