I have spent the last few days trying to find a way to implement mod_security onto our iSeries with no luck.
The closest that I've gotten to getting it to work was by downloading the C source from modsecurity.org, uploading it to the iSeries web server, compiling the c source into a module, binding the service programs, and adding the directives within apache to load the module. The problem - when all of this is complete I start the server and it shuts down immediately (less than a second). I have searched the job logs to find out that it is "not compatible".
Does anyone have any experience with modifying apache modules to work with IBM iSeries web servers running apache 2.0????
Here is the an example error message that I get when trying to use ANY module:
Message . . . . : Module structure MOD_INJECT is not valid.
Cause . . . . . : Module structure MOD_INJECT in HTTP Server (powered by
Apache) module /QSYS.LIB/MODS.LIB/MOD_INJECT.SRVPGM is not valid. The
module /QSYS.LIB/MODS.LIB/MOD_INJECT.SRVPGM may not be compatible with the
HTTP Server. The module is built for level 0 . The HTTP Server is
expecting level 41503230 . Recovery . . . : Replace HTTP Server module
/QSYS.LIB/MODS.LIB/MOD_INJECT.SRVPGM with a module that is compatible with
the HTTP Server. Then start the server again.