Closed f2ex closed 7 years ago
Hello,
Can you provide example request ?
As well, it seems you didn't include naxsi in php
location, which is probably where you need it !
@buixor thanks for the reply :)
new nginx.conf
server {
listen 80 default;
access_log /data/wwwlogs/access_nginx.log combined;
root /data/wwwroot/default;
index index.html index.htm index.php;
location ~ [^/]\.php(/|$) {
#fastcgi_pass remote_php_ip:9000;
SecRulesEnabled;
#LearningMode;
DeniedUrl "/RequestDenied";
CheckRule "$SQL >= 8" BLOCK;
CheckRule "$RFI >= 8" BLOCK;
CheckRule "$TRAVERSAL >= 4" BLOCK;
CheckRule "$EVADE >= 4" BLOCK;
CheckRule "$XSS >= 8" BLOCK;
error_log /data/wwwlogs/foo.log;
fastcgi_pass unix:/dev/shm/php-cgi.sock;
fastcgi_index index.php;
include fastcgi.conf;
}
location /RequestDenied {
return 418;
}
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf|flv|ico)$ {
expires 30d;
access_log off;
}
location ~ .*\.(js|css)?$ {
expires 7d;
access_log off;
}
}
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
service nginx restart
not block foo.log is empty .
@buixor I think I found the problem , there was a little mistake , now solved . Thanks :P
@f2ex what was the "mistake"? I am having the same issue...
@kpirnie The problem is here :
location /RequestDenied {
return 418;
}
HTTP Status Code 418 is not supported .
Change into :
location /RequestDenied {
return 403; #Or a supported status code
}
compiling nginx( 1.10.1 )+naxsi ( 0.55.3 ) :
nginx/naxsi configuration :
check :
but , naxsi does not work . XSS attack test is not blocked , foo.log nothing at all .
Where is the problem ? thanks :)