Hi all,

I am not sure if anyone has thought about this before. Consider a traditional setup for today's web applications:

User <==> Squid(s) <==> Apache(s) <==> MySQL / Memcached / NFS

Currently I have mod_security installed on every Apache to prevent attacks such as SQL injection, XSS, etc. Sure, as a web application firewall, you would need more features than mod_security currently provides, e.g.

1. Rate-limiting, e.g. limit your user to accessing register.cgi not more than 1 time per minute (against spam or application-level DoS)
2. Block user by IP, subnet
3. Block by request header, e.g. UA, cookie

Of course I am not going to ask to merge all these features into Squid, but I want to ask if it is feasible to develop all these features as an external program, and Squid will pass the needed info to a program similar to a redirector (or maybe just using the redirector concept). I am just not sure if it is suitable to perform all these actions at the Squid layer.

Howard
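
A sketch of the external-program idea from the message above, added here as an example and not part of the original post or of Squid's own code. It assumes Squid is configured to hand a helper one line per request containing the client IP, the URL path and the URL-encoded User-Agent, in that order, and that the helper answers `OK` (allow) or `ERR` (deny) as Squid's external ACL helpers do; the policy values and function names are constructed for illustration.

```python
import ipaddress
import sys
import time
from collections import defaultdict, deque
from urllib.parse import unquote

# Constructed sample policy (documentation address ranges, made-up UA string).
BLOCKED_NETS = [ipaddress.ip_network("203.0.113.0/24")]
BLOCKED_UA = ("badbot",)                      # case-insensitive substrings
RATE_LIMITS = {"/register.cgi": (1, 60.0)}    # path -> (max hits, window in seconds)
_hits = defaultdict(deque)                    # (client, path) -> recent allowed hits

def decide(src, path, ua, now=None):
    """Return "OK" to allow the request or "ERR" to deny it."""
    now = time.monotonic() if now is None else now
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return "ERR"                          # unparseable client address: fail closed
    if any(addr in net for net in BLOCKED_NETS):
        return "ERR"                          # rule 2: block by IP / subnet
    if any(s in ua.lower() for s in BLOCKED_UA):
        return "ERR"                          # rule 3: block by request header (UA)
    path = path.split("?", 1)[0]              # ignore the query string when matching
    limit = RATE_LIMITS.get(path)
    if limit:                                 # rule 1: sliding-window rate limit
        max_hits, window = limit
        q = _hits[(src, path)]
        while q and now - q[0] >= window:
            q.popleft()                       # forget hits older than the window
        if len(q) >= max_hits:
            return "ERR"
        q.append(now)
    return "OK"

def handle_line(line, now=None):
    """Parse one helper input line: '<client-ip> <path> <url-encoded UA>'."""
    parts = [unquote(p) for p in line.split()]
    if len(parts) < 2:
        return "ERR"                          # malformed input: fail closed
    return decide(parts[0], parts[1], " ".join(parts[2:]), now)

if __name__ == "__main__":
    for line in sys.stdin:                    # one request per line, one reply per line
        print(handle_line(line), flush=True)
```

The rate-limit state lives in this one process, so with several Squid instances or several helper children each keeps its own counters; a shared store would be needed for a global limit.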