Hi all,
I am not sure if anyone has thought about this before.
Consider a traditional setup for today's web applications:
User <==> Squid(s) <==> Apache(s) <==> MySQL / Memcached / NFS
Currently I have mod_security installed on every Apache to prevent
attacks such as SQL Injection, XSS etc.
Sure, as a web application firewall, you would need more features than
mod_security currently provides, e.g.
1. rate-limiting, e.g. limit your user to accessing register.cgi
not more than 1 time per minute (against spam or application-level
DoS)
2. Block user by IP, subnet
3. Block by request header, e.g. UA, cookie
Of course I am not going to ask to merge all these features into squid,
but I want to ask if it is feasible to develop all these features as an
external program, and squid will pass the needed info to a program
similar to a redirector (or maybe just using the redirector concept).
I am just not sure if it is suitable to perform all these actions at
squid layer.
Howard
Received on Sat Jun 21 2008 - 14:57:02 MDT
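
A sketch of the kind of external decision program the message describes, added here as an example; it is not part of the original post and not Squid code. It covers the three listed checks (rate limit on register.cgi, block by IP/subnet, block by User-Agent). The input line format, the OK/ERR replies, the policy values and all names are assumptions made for illustration.

```python
import ipaddress
import sys
import time
from collections import defaultdict, deque

# Constructed policy values (assumptions, not taken from the post).
BLOCKED_NETS = [ipaddress.ip_network("203.0.113.0/24")]
BLOCKED_UA_SUBSTRINGS = ["badbot"]
RATE_LIMITS = {"/register.cgi": (1, 60.0)}  # path -> (max requests, window in seconds)
_hits = defaultdict(deque)  # (ip, path) -> times of allowed requests on limited paths


def decide(src_ip, path, user_agent, now=None):
    """Return (allowed, reason) for one request."""
    now = time.monotonic() if now is None else now
    try:
        addr = ipaddress.ip_address(src_ip)
    except ValueError:
        return False, "bad-ip"  # fail closed on input that does not parse
    if any(addr in net for net in BLOCKED_NETS):
        return False, "blocked-ip"
    if any(s in user_agent.lower() for s in BLOCKED_UA_SUBSTRINGS):
        return False, "blocked-ua"
    path = path.split("?", 1)[0]  # rate-limit on the path, ignoring the query string
    limit = RATE_LIMITS.get(path)
    if limit:
        max_hits, window = limit
        q = _hits[(src_ip, path)]
        while q and now - q[0] >= window:  # drop hits that left the window
            q.popleft()
        if len(q) >= max_hits:
            return False, "rate-limited"
        q.append(now)
    return True, "ok"


def main():
    # Assumed input: one request per line, "<src_ip> <path> <user-agent...>".
    for line in sys.stdin:
        parts = line.rstrip("\n").split(" ", 2)
        if len(parts) < 2:
            print("ERR", flush=True)  # malformed line: deny
            continue
        ua = parts[2] if len(parts) > 2 else ""
        allowed, _reason = decide(parts[0], parts[1], ua)
        print("OK" if allowed else "ERR", flush=True)


if __name__ == "__main__":
    main()
```

The counters live in one process, so with several Squid boxes each helper enforces the limit independently unless the state is moved to a shared store.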