Closed GoogleCodeExporter closed 8 years ago
Hello,
I'm not sure if I correctly identified your issue.
http_config.py & LearningMode should be used to make naxsi learn the false
positives of your site.
So, if while in learning mode, you emit 'evil' requests (like the one above),
you are telling naxsi to allow this kind of requests. While using
http_config.py & learning mode, you should only emit legit requests.
If you want naxsi to block the requests, you must disable LearningMode. (cf.
http://code.google.com/p/naxsi/wiki/LearningMode).
"""As explained earlier, while in LearningMode, naxsi won't block any requests,
but it will as well post them (using nginx's post_action mechanism) to the
DeniedUrl location.""" If you make your DeniedUrl point to your http_config.py,
blocked requests will then be forwarded to http_config.py to generate the
appropriate whitelists.
Original comment by ori...@gmail.com
on 6 Oct 2011 at 9:23
that is my fault in understanding the innovative concept.
disabled the learning mode and now all is fine!
thanks a lot.
Original comment by tzury...@reguluslabs.com
on 6 Oct 2011 at 11:45
Original comment by didier.c...@googlemail.com
on 7 Oct 2011 at 9:01
Original issue reported on code.google.com by
tzury...@reguluslabs.com
on 6 Oct 2011 at 3:39