Closed nadzree closed 7 years ago
The regexes are correct, but because of some limitation on naxsi processing, the branching "|" character isn't allowed.
Maybe you can use sth like ^/pl1?8[23]/pl1?8[23](.*)
instead ?
I see..great tips! or I can always declare a new line for the '|'.. however I'm in the midst of developing a control panel to generate this rules and optimised the rules..
Are you in plan to address this limitation in the future?
Yes, but not in the near future... To solve the problem the rule syntax has to be revamped...
noted on this sabban.. I'll try to do a work around on the regex verification in the panel..for now we will also restrict '|'
Thank you for your prompt reply
Another problem that I noticed that BODY_VAR cant have a symbol []
BasicRule wl:1310,1311 "mz:$BODY_VAR:code[]|$URL_X:^\/pl82\/pl182(.*)";
Ive received an error:
nginx: [emerg] WhiteList Hash building failed in /etc/nginx/nginx.conf:47 nginx: configuration file /etc/nginx/nginx.conf test failed
However with this rules i did not receive any error
BasicRule wl:1310,1311 "mz:$BODY_VAR:code[]|$URL:/pl82/pl82_bt_edit_events.php|NAME";
is there any other rules of combination or guide that we can follow?
You can't mixup matchzone with _X and $URL in one rule. https://github.com/nbs-system/naxsi/wiki/matchzones-bnf#regex-vs-string This is an other limitation, which may be lifted one day...
Learn something today! Thank you sabban..you are very helpfull : )
Hi Naxsi,
Ive tried to incorporate a regex in my whitelisting as below:
However this produce an error as below: nginx: [emerg] Naxsi-Config : Incorrect line BasicRule wl:1310,1311 (naxsi_skeleton.c/474)... in ext.rules:187
I think that's a correct regex or did I'm missing a configuration? Thanks!