mod_security2 configuration
Bradley Giesbrecht
pixilla at macports.org
Wed Jun 15 08:45:23 PDT 2011
I didn't see a link to your upload suggestion so I will have to look for it later when I have more time.
My comments do not have the benefit of your suggestion at this moment.
On Jun 15, 2011, at 7:31 AM, Bjarne D Mathiesen wrote:
> Bradley Giesbrecht wrote:
>> Take a look. This installs and apache2 loads with it active.
>
> I've uploaded my own suggestion :-)
>
> where we differ is in our handling of the conf-file.
>
> my issues with your approach are the following:
> 1) I don't like creating the whole file inside the Portfile
> we do have the files-directory for those kind of things :-)
I prefer to use the files dir sparingly, patches mostly. I read a lot of Portfiles in a day and having to look in files/* to see whats happening when a few lines in the Portfile can do the same thing.
> 2) the way you have done it the conf file is hard-linked,
> thus any user-modifications to the file will be lost on
> re-install/update
It is in conf/extra/ and is optional. You are welcome to create your own. I think this is the intended use of conf/extra. It's not loaded by default.
> 3) I prefer to have conf files depend on whether a module is loaded
> or not, as I have the following in my httpd.conf file:
>
> ############################
> # Supplemental configuration
> #
> # The configuration files in the conf/extra/ directory can be
> # included to add extra features or to modify the default
> # configuration of the server, or you may simply copy their contents
> # here and change as necessary.
I read, "can be included" and "or you may simply copy their contents here".
> Include conf/extra/*.conf
This may be convenient but I list my 5 or so modules manually. I am not inclined to include everything that any software package drops in conf/extra/ ending in .conf.
Read below.
> thus, I can simply comment the LoadModule and restart
>
> this doesn't work that well with mod_security as the module _requires_
> the two LoadFile *.dylibs _before_ the LoadModule
Which is why I replace the note "apxs -a -e -n \"security2\" mod_security2.so" with the conf file.
Thanks for your comments Bjarne. I look forward reading your suggestions and finishing this port to are mutual satisfaction.
Regards,
Bradley Giesbrecht (pixilla)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macosforge.org/pipermail/macports-users/attachments/20110615/668a7a8b/attachment.html>
More information about the macports-users
mailing list