With module functioning well on Unix-based platforms I decided to start with the Windows port. The job was straightforward (I only tried with the Apache 1.x version): after creating the makefile and getting all the switches right I was rewarded with a file mod_security.dll.
That's when the trouble started - I couldn't open (from the module) any files or write to them. After spending a lot of time debuggung, I found that there seems to exist a problem with ap_popenf (portable Apache function that opens files) - it returns invalid file handles. After replacing the call to ap_popenf with a call to open, everything worked just fine. This is probably something specific to the version of Windows I have (Windows Me) otherwise other people would have reported it by now (I've found only one such report using Google, with no answer).
So, with the exception of the ap_popenf problem, the module seems to work quite well on Windows, passing all regression tests. The code is in the CVS if you want to give it a try.
