naxsi-rules
nginx: [emerg] "BasicRule" directive is not allowed here in whitelist rules
I am trying to configure the following but am getting an error. How can I fix it?
Vhost myconfig:
location / {
include /etc/nginx/naxsi-rules/rules/block.rules;
........
block.rules file:
#Enable naxsi
SecRulesEnabled;
#Enable learning mode
# LearningMode;
#Define where blocked requests go
DeniedUrl "/50x.html";
#CheckRules, determining when naxsi needs to take action
CheckRule "$SQL >= 8" BLOCK;
CheckRule "$RFI >= 8" BLOCK;
CheckRule "$TRAVERSAL >= 4" BLOCK;
CheckRule "$EVADE >= 4" BLOCK;
CheckRule "$XSS >= 8" BLOCK;
LibInjectionXss;
CheckRule "$LIBINJECTION_XSS >= 8" BLOCK;
LibInjectionSql;
CheckRule "$LIBINJECTION_SQL >= 8" BLOCK;
CheckRule "$EVADE >= 4" BLOCK;
CheckRule "$ATTACK >= 8" BLOCK;
CheckRule "$UWA >= 8" BLOCK;
#naxsi logs goes there
# include /etc/nginx/naxsi-rules/rules/whitelist.rules;
if ($host = yyyyyy.com ) {
include /etc/nginx/naxsi-rules/rules/yyyyyy.com.rules;
}
if ($host = xxxxxx.com ) {
include /etc/nginx/naxsi-rules/rules/xxxxxx.com.rules;
}
nginx check:
nginx: [emerg] "BasicRule" directive is not allowed here in /etc/nginx/naxsi-rules/rules/yyyyyy.com.rules:1
nginx: configuration file /etc/nginx/nginx.conf test failed
If I configure the block file like this, it works again:
block.rules file:
#Enable naxsi
SecRulesEnabled;
#Enable learning mode
# LearningMode;
#Define where blocked requests go
DeniedUrl "/50x.html";
#CheckRules, determining when naxsi needs to take action
CheckRule "$SQL >= 8" BLOCK;
CheckRule "$RFI >= 8" BLOCK;
CheckRule "$TRAVERSAL >= 4" BLOCK;
CheckRule "$EVADE >= 4" BLOCK;
CheckRule "$XSS >= 8" BLOCK;
LibInjectionXss;
CheckRule "$LIBINJECTION_XSS >= 8" BLOCK;
LibInjectionSql;
CheckRule "$LIBINJECTION_SQL >= 8" BLOCK;
CheckRule "$EVADE >= 4" BLOCK;
CheckRule "$ATTACK >= 8" BLOCK;
CheckRule "$UWA >= 8" BLOCK;
#naxsi logs goes there
include /etc/nginx/naxsi-rules/rules/yyyyyy.com.rules;
nginx check:
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
How can I use an if check on the host with nginx here?
I changed the configuration to the following:
location / {
if ($host = xxxxxxxxxxxxxx ) {
include /etc/nginx/naxis-rules/rules/block.rules;
}
But I still get the error:
nginx: [emerg] "BasicRule" directive is not allowed here in /etc/nginx/naxis-rules/rules/block.rules:1
nginx: configuration file /etc/nginx/nginx.conf test failed
We see this as a bug. @wargio, you can check. Problem: the software did not read the nginx configuration.
Rules are not supported within an if block. If you have multiple hosts, etc., I suggest having a different http configuration.
@wargio How do I configure it? I have to include files one by one in each vhost? This is a really bad idea.
There is a PR for that, actually.
https://github.com/nbs-system/naxsi/pull/562
@wargio I have some questions.
- Why is the if block not supported, and will it be supported in the future?
- I have read the PR you sent but I still don't understand how to configure it.
That PR actually allows setting up naxsi at config and server level; this means that you need to include the naxsi configuration only once. I can't answer the when and why because I do not know the reasons.
> That PR actually allows setting up naxsi at config and server level
What does this mean? Actually, I don't understand how to configure it, because there is no description and no documentation about the configuration.
> this means that you need to include the naxsi configuration only once
Does this mean we now just need to include the file in nginx.conf? But I want to manage vhosts in a simpler way through an if block or $host in nginx,
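
The maintainer's suggestion above (keep naxsi rules out of `if` and give each host its own configuration), as an added example that is not part of the original thread or the naxsi project: one `server` block per host, each including the shared rules and its own whitelist directly in `location`. It assumes `block.rules` has had its two `if ($host ...)` blocks removed; the `listen` lines are assumptions, and the rest of each location is elided as in the question.

```nginx
# Added example. Assumes block.rules contains only the shared directives
# (SecRulesEnabled, DeniedUrl, CheckRule, LibInjectionXss, LibInjectionSql),
# with the two "if ($host = ...)" blocks from the question removed.

server {
    listen 80;                      # assumption: not shown in the thread
    server_name yyyyyy.com;

    location / {
        # Shared naxsi settings, identical for every host.
        include /etc/nginx/naxsi-rules/rules/block.rules;

        # Per-host whitelist (BasicRule lines), included directly in
        # location context: the placement that passed the config test
        # in the question.
        include /etc/nginx/naxsi-rules/rules/yyyyyy.com.rules;

        # ... rest of the location as before
    }
}

server {
    listen 80;                      # assumption: not shown in the thread
    server_name xxxxxx.com;

    location / {
        include /etc/nginx/naxsi-rules/rules/block.rules;
        include /etc/nginx/naxsi-rules/rules/xxxxxx.com.rules;

        # ... rest of the location as before
    }
}
```

Host selection is done by `server_name` instead of `if ($host ...)`, so each whitelist applies only to requests for its own host and no whitelist entry leaks to another site. `include` does not expand variables such as `$host`, so the per-host file name has to be written out in each block.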