Closed jeanpaul1977 closed 6 years ago
Hello !
Sorry, the formatting was a bit hard to read so I might have missed some stuff. Naxsi purposely doesn't process requests in sub-requests and your case might end up being one (it lead to many corner-cases at the beginning).
This is something that will change with the next major evolution, but as of now it is a hard limit.
Hi!
Thanks for your input on this issue. I have now implemented a workaround wwith multiple serverblocks to apply the different rulesets. This works as expected.
BR,
JP
I want to configure two detection thresholds: a strict detection threshold for 'far away countries', and a less-strict set for local countries. I'm using a setup like:
location /strict/ { include /usr/local/nginx/naxsi.rules.strict;
}
location /not_so_strict/ { include /usr/local/nginx/naxsi.rules.not_so_strict;
}
location / {
REMOVED BUT THIS WORKS:
}
location /RequestDenied { return 403; }
The naxsi.rules.strict file contains the check rules: CheckRule "$SQL >= 8" BLOCK; etc.
For some reason this doesn't work. The syntax is ok, and I can reload Nginx. However the Naxsi never triggers. If I uncomment the include in the location-block / it works perfectly.
Any idea's why this doesn't work, or any better setup to use different rulesets based on some variables?