nbs-system / naxsi

NAXSI is an open-source, high performance, low rules maintenance WAF for NGINX
GNU General Public License v3.0
4.8k stars 606 forks source link

Allow naxsi for some url #432

Closed InvokerFury closed 6 years ago

InvokerFury commented 6 years ago

Hy Sir,

could u help me pls, i got some error in naxsi, but when i allow naxsi will detect url again.. for example this is my log:

2018/08/08 17:06:18 [error] 1560#0: *635327 NAXSI_FMT: ip=192.168.88.1&server=xx.xxxx.com&uri=/emoneyreport/deletepin/deletepin/member_id/628389308715335997029H6VF/cust_tgl_lahir/1/cust_bln_lahir/1/cust_thn_lahir/2001&learning=0&vers=0.55.3&total_processed=14&total_blocked=2&block=1&cscore0=$SQL&score0=8&zone0=URL&id0=1000&var_name0=, client: 192.168.88.1, server: xx.xxxx.com, request: "GET /emoneyreport/deletepin/deletepin/member_id/628389308715335997029H6VF/cust_tgl_lahir/1/cust_bln_lahir/1/cust_thn_lahir/2001 HTTP/1.1", host: "xx.xxxx.com"

how to allow naxsi for all request from that url /emoneyreport/deletepin/deletepin/member_id/?

this is rule for some case .. when naxsi block

BasicRule wl:1000 "mz:$URL:/emoneyreport/deletepin/deletepin/member_id/62878806711520664851KBML1/cust_tgl_lahir/20/cust_bln_lahir/4/cust_thn_lahir/1995|URL";

but i want to allow all request from this parth /emoneyreport/deletepin/deletepin/member_id/

BasicRule wl:1100 "mz:$URL:/emoneyreport/deletepin/deletepin/member_id/|URL";

please help me.. sorry for my english

jvoisin commented 6 years ago

According to the documentation, something like this should work:

BasicRule wl:1100 "mz:$URL_X:^/emoneyreport/deletepin/deletepin/member_id/";
InvokerFury commented 6 years ago

its say incorrect when i apply your rule sir..

nginx: [emerg] Naxsi-Config : Incorrect line BasicRule wl:1100 (../naxsi/naxsi_src//naxsi_skeleton.c/474)... in /usr/local/nginx-naxsi/conf.d/naxsi/rules/xxxx.rules:56
nginx: configuration file /usr/local/nginx-naxsi/nginx-naxsi.conf test failed
jvoisin commented 6 years ago

Yeah, apparently, URL can't be a zone on its own, so maybe something like this instead:

BasicRule wl:1100 "mz:$URL_X:^/emoneyreport/deletepin/deletepin/member_id/|URL";
InvokerFury commented 6 years ago

solved sir.. thanks for your help.. have a nice day

jvoisin commented 6 years ago

Thank you for using naxsi :)