ModSecurity for HAProxy ----------------------- This is a third party deamon which speaks SPOE. It gives requests send by HAProxy to ModSecurity and returns the verdict. Compilation --------------- You must compile ModSecurity in standalone mode. Below an example for ModSecurity-2.9.1. Note that ModSecurity depends the Apache APR. I assume that the Apache dependencies are installed on the system. ./configure \ --prefix=$PWD/INSTALL \ --disable-apache2-module \ --enable-standalone-module \ --enable-pcre-study \ --without-lua \ --enable-pcre-jit make make -C standalone install mkdir -p $PWD/INSTALL/include cp standalone/*.h $PWD/INSTALL/include cp apache2/*.h $PWD/INSTALL/include Note that this compilation method works, but is a litle bit rustic. I can't deal with Lua, I supposed that is a dependecies problem on my computer. Start the service --------------------- After you have compiled it, to start the service, you just need to use "spoa" binary: $> ./modsecurity -h Usage: ./spoa [-h] [-d] [-p ] [-n ] [-f ] -h Print this message -d Enable the debug mode -f Modsecurity configuration file -m Specify the maximum frame size (default : 16384) -p Specify the port to listen on (default: 12345) -n Specify the number of workers (default: 5) -c Enable the support of the specified capability -t