You bet right. Not much joy googling either.
I also listed all the service program modules in QHTTPSVR and found 55
that begin with MOD_ but none appear to relate to mod_security.
Other platforms tend to recompile Apache after installing the module.
If IBM fail to provide a way to implement mod_security then the other
options are installing an application firewall in front of the http
server to monitor all requests or taking delight in writing a custom
input filter for Apache to weed out stuff in the requests.
Peter
-----Original Message-----
From: web400-bounces@xxxxxxxxxxxx [mailto:web400-bounces@xxxxxxxxxxxx]
On Behalf Of Nathan Andelin
Sent: Tuesday, 10 February 2009 13:17
To: Web Enabling the AS400 / iSeries
Subject: Re: [WEB400] mod_security for Apache
From: Peter Connell
Does anyone know how to get mod_security installed into Apache
on OS/400?
I bet you already looked in the Information Center. I just did, but
could not find anything on mod_security. So I did a search on
www.ibm.com. A few hits came up, but not pertaining to "i". So I
"assume" that it's not supported under "i".
We need it to become PCI compliant.
If truly required, I'd probably start looking for a light-weight network
device to place in front of your server, to act as something as a proxy.
I did find a hit for installing mod_security on a couple Linux
distributions.
Nathan.
As an Amazon Associate we earn from qualifying purchases.