Graham, Mod_firehose sounds very helpful. I like the record/replay options. It would be great if you could convince the developers.
It is possible to do similar stuff with mod_security, though not in a very easy way, but mod_security still helps for debugging purposes. One thing you can not do with mod_security, though, is the following: To log encrypted connections between a reverse proxy and the backend applications. So far it is very hard to prove the Apache proxy sends the right stuff if you can not get hold of the backend application's logs. Now I wonder if mod_firehose could solve this problem too. Regards, Christian Folini -- First you make it, then it works, then you invite people to make it better. -- Eben Moglen, Free Software Foundation
