I feel like I've reached a new milestone with mod_security. First of all, it is important to note that since Monday my busy period is officially over and I can now spend more time working on mod_security. Second, in the last two weeks I published a new version (1.7), mod_security made it to Slashdot (reaching a wide audience), and my reverse proxy article was published on SecurityFocus (reaching a wide focused audience). Consequently, the number of downloads and visits increased tenfold.
I have also had a vulnerability. Not a big one, but big enough to let me know that I must be very careful from now on: no more late night coding without a plan and more work on testing and quality control.
These events are marking the end of the second phase in the life of mod_security. We are slowly entering a third phase - maturity. I've decided to enter maturity with a 2.0 version number. The next version, 1.8, will carry some must-have enhancements, and it will become a solid 2.0 version after a lot of polishing. Yes, polishing is important. I have been running for a while now, it is time to slow down to a walk and think more about the features we already have.
