Closed dertin closed 5 years ago
There is no recommended configuration, as naxsi is a whitelist-based WAF; each configuration is heavily tied to the underlying application.
Hi @jvoisin
I saw something to activate LearningMode, but I did not find documentation of how it should be used and what it is for. I guess that it generates rules from the use of the web application.
I also found the following. https://github.com/nbs-system/nxtool-ng
But I still do not know how it works. I try to read the documentation, but my mother tongue is not English, which makes it a bit difficult for me.
Hello @dertin !
If your website has little user interaction (i.e. forms with free text, etc.), learning might be a good candidate.
To do so, run naxsi in learning mode on your website, generate some traffic (or wait for legitimate users to do so), and then use nxtool to:
The documentation on the main page of nxtool should help you. However, this requires you to set up an elastic-search :)
Another solution might be to use lasagna which is supposed to be an "easy" whitelist generator for naxsi. While I didn't try it myself, it might be suitable for your usage :)
Let us know how we can help !
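An added example (not code from nxtool, naxsi or this thread) of the learning workflow described above: it reads NAXSI_FMT events logged in learning mode and proposes `BasicRule` whitelists only for matches seen from at least `min_clients` distinct client IPs. The log lines are constructed; `whitelist_candidates` and `min_clients` are hypothetical names.

```python
import re
from collections import defaultdict
from urllib.parse import parse_qs

# Constructed nginx error-log lines in NAXSI_FMT form (not from a real server).
SAMPLE_LOG = """\
2019/01/10 10:00:01 [error] 1#0: *1 NAXSI_FMT: ip=192.0.2.10&server=example.test&uri=/search&learning=1&vers=0.56&total_processed=10&total_blocked=1&block=0&cscore0=$SQL&score0=8&zone0=ARGS&id0=1000&var_name0=q, client: 192.0.2.10
2019/01/10 10:00:02 [error] 1#0: *2 NAXSI_FMT: ip=192.0.2.11&server=example.test&uri=/search&learning=1&vers=0.56&total_processed=11&total_blocked=2&block=0&cscore0=$SQL&score0=8&zone0=ARGS&id0=1000&var_name0=q&cscore1=$SQL&score1=4&zone1=ARGS&id1=1015&var_name1=q, client: 192.0.2.11
2019/01/10 10:00:03 [error] 1#0: *3 NAXSI_FMT: ip=198.51.100.7&server=example.test&uri=/login&learning=1&vers=0.56&total_processed=12&total_blocked=3&block=0&cscore0=$SQL&score0=8&zone0=BODY&id0=1001&var_name0=comment, client: 198.51.100.7
2019/01/10 10:00:04 [error] 1#0: *4 NAXSI_FMT: ip=203.0.113.5&server=example.test&uri=/search&learning=0&vers=0.56&total_processed=13&total_blocked=4&block=1&cscore0=$SQL&score0=8&zone0=ARGS&id0=1000&var_name0=q, client: 203.0.113.5
"""

FMT_RE = re.compile(r"NAXSI_FMT: ([^,\s]+)")
# naxsi match zones that carry a variable name, and their whitelist keyword.
ZONE_VAR = {"ARGS": "$ARGS_VAR", "BODY": "$BODY_VAR", "HEADERS": "$HEADERS_VAR"}


def whitelist_candidates(log_text, min_clients=2):
    """Return BasicRule lines for matches seen from >= min_clients client IPs."""
    seen = defaultdict(set)  # (rule id, uri, zone, var name) -> client IPs
    for m in FMT_RE.finditer(log_text):
        pairs = parse_qs(m.group(1), keep_blank_values=True)
        f = {k: v[0] for k, v in pairs.items()}
        if f.get("learning") != "1":
            continue  # only events recorded while naxsi was in learning mode
        i = 0
        while f"id{i}" in f:  # one log line can report several matches
            key = (f[f"id{i}"], f.get("uri", ""),
                   f.get(f"zone{i}", ""), f.get(f"var_name{i}", ""))
            seen[key].add(f.get("ip", ""))
            i += 1
    rules = []
    for (rid, uri, zone, var), ips in sorted(seen.items()):
        base, _, suffix = zone.partition("|")
        if base not in ZONE_VAR or not var or len(ips) < min_clients:
            continue  # a single client is not enough evidence to whitelist
        mz = f"$URL:{uri}|{ZONE_VAR[base]}:{var}"
        if suffix == "NAME":  # match was in the variable's name, not its value
            mz += "|NAME"
        rules.append(f'BasicRule wl:{rid} "mz:{mz}";')
    return rules


if __name__ == "__main__":
    print("\n".join(whitelist_candidates(SAMPLE_LOG)))
```

Review each proposed rule before adding it to the location block: traffic captured during learning can include hostile requests, and whitelisting those would disable the rule for real attacks.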
Wow, I didn't know about lasagna, shouldn't it be mentioned in the documentation @buixor ?
I thank you if you can tell me how I should make a configuration that gives me security on my website. This is the script that you used to install the server: https://github.com/dertin/lemp-stack-debian Thank you.