naxsi

naxsi copied to clipboard

Add hardening flags to the Makefile

2

Currently, the `Makefile` doesn't contain any hardening flags :/

jvoisin

Parse cookies, so we can adress them in the same way we would adress another varialbe, such as `$COOKIE_VAR:foobar`

buixor

Configuration parsing, even if functional, is really terrible :) - [ ] could be a lot shorter - [ ] could be a lot less ghetto - [ ] should...

buixor

License conflict

9

_From [[email protected]](https://code.google.com/u/117093437999097903182/) on August 02, 2013 14:28:04_ The description of the license on the main page is inconsistent with the license itself. The page states that naxsi is "OpenSource and...

blotus

naxsi build fails with pcre*2*-enabled nginx-1.21.5: incorrect PCRE_MULTILINE usage

6

Building/packaging latest nginx-1.21.5 ``` On 12/28/21 10:33, Maxim Dounin wrote: > details: https://hg.nginx.org/nginx/rev/d986378168fd > branches: > changeset: 7989:d986378168fd > user: Maxim Dounin > date: Tue Dec 28 18:28:37 2021 +0300...

pgnd

Valid JSON is blocked by Rule ID 15

2

Hello It seems that escaping characters in JSON are triggering the rule id15: test JSON: `{"key":"escaped \"\" value"} ` `2022/02/15 16:19:19 [error] 39898#0: *58 NAXSI_FMT: ip=*&server=*&uri=/angular.do&learning=1&vers=0.55.3&total_processed=30&total_blocked=1&block=1&zone0=BODY&id0=15&var_name0=&zone1=BODY&id1=15&var_name1=, client: *, server: *,...

butlerfr

how to add whitelist special cookie name?

1

``` BasicRule wl:0 "mz:$HEADERS_VAR:cookie"; ``` It's seems exclude all cookies. ``` curl -H 'Cookie: itsok=../traverse; idono=SELECT * FROM' ``` how to just whitelist `itsok` ?

mhf-ir

Delete the issues (it’s possible!)

3

Please delete the issues https://github.com/nbs-system/naxsi/issues/577 https://github.com/nbs-system/naxsi/issues/578 How to delete an issue at GitHub: https://docs.github.com/en/issues/tracking-your-work-with-issues/deleting-an-issue This issue should also be deleted. Thank you!

cuper6

Redirect URL based on certain checkrule

7

Hi, I am just wondering any other way to `redirect URL OR multiple Denied URL` based on certain rule? Instead of one deniedURL for all

Taymindis

Excessive open file handles on rhel7 with naxsi error document

1

We see 10.000s of file handles with nginx 14297 nginx 99r REG 253,5 536237 2883596 /app/nginx/html/nasxierror.html This is the corresponding naxsi config line DeniedUrl "/naxsierror.html"; naxsi error log: 2022/03/23 14:42:51...

Hansh532