nbs-system / naxsi

NAXSI is an open-source, high performance, low rules maintenance WAF for NGINX
GNU General Public License v3.0
4.8k stars 606 forks source link

Whitelists error Help - URL&var_name=&content #468

Closed Chathu07 closed 11 months ago

Chathu07 commented 5 years ago

Hi all,

I want to whitelist following ban. Then I have created following whitelist rule for core rule id 1000. But nginx reload failed.

BasicRule wl:1000 "mz:$URL_VAR:content";;

This is the error log.

2019/04/18 22:35:08 [error] 44389#44389: *1006 NAXSI_EXLOG: ip=157.55.39.89&server=www.domain.com&uri=%2F2012%2F09%2Fofficial-update-roll.html&id=1000&zone=URL&var_name=&content=%2F2012%2F09%2Fofficial-update-roll.html, client: 157.55.39.89, server: domain.com, request: "GET /2012/09/official-update-roll.html HTTP/1.1", host: "www.domain.com"

When I test the nginx with about whitelist rule it gives following error.

nginx: [emerg] Naxsi-Config : Incorrect line BasicRule wl:1000 (../naxsi-master/naxsi_src//naxsi_skeleton.c/474)... in /etc/nginx/naxsi/naxsi-whitelist.rules:3 nginx: configuration file /etc/nginx/nginx.conf test failed

he2ss commented 5 years ago

Hi,

$URL_VAR doesn't exist, you should use $URL or URL_X for regex. For your case, the whitelist is :

BasicRule wl:1000 "mz:$URL:/2012/09/official-update-roll.html";