Modsecurity: Implement a SharedMemory mechanism as Collection backend on libmodsecurity

Created on 5 May 2016  路  7Comments  路  Source: SpiderLabs/ModSecurity

ModSecurity version 3 architecture allow the utilization of multiple backends, including a shared memory one. The support should be implemented. The interface is available here:

https://github.com/SpiderLabs/ModSecurity/blob/libmodsecurity/headers/modsecurity/collection/collection.h

RIP - libmodsecurity libmodsec - missing features

Most helpful comment

As of: 833089eb70f6049c73db5ce9394e765594e43e9e collections can be saved using LMDB. LMDB support the access from multiprocess. Further info about LMDB: https://github.com/LMDB/lmdb

All 7 comments

As of: 833089eb70f6049c73db5ce9394e765594e43e9e collections can be saved using LMDB. LMDB support the access from multiprocess. Further info about LMDB: https://github.com/LMDB/lmdb

Hi,

How to configure mod_security to use this LMDB? Could someone please post config sample, thanks a lot!

Any update on how to configure it?

@HOSTED-POWER
Hi,
If you have lmdb installed, you could enable it by passing --with-lmdb to modsecurity configure script.
Good luck

Hey Roger-Man,

Thanks a lot for your feedback! Just pass it and it will use it? :)

Any idea about redis by coincidence?

Hi @HOSTED-POWER,

Redis is not yet supported. Check #1139.

Hi @HOSTED-POWER

Hi just pass it and the configure script uses it. But, Hey just don't pass it. Its so buggy and ends up in nginx worker process to crash and exit. This result in user session termination with empty responses. The logs complain about

double free or corruption

May be thats why no one including @zimmerle answered you how to configure it for a long time. I know he actively replies the posts.

Was this page helpful?
0 / 5 - 0 ratings