I need to send the blocked request to another server for logging.
According to this link (https://github.com/nbs-system/naxsi/wiki/directives), the follow headers are added:
NAXSI_HEADER_ORIG_URL "x-orig_url"
NAXSI_HEADER_ORIG_ARGS "x-orig_args"
NAXSI_HEADER_NAXSI_SIG "x-naxsi_sig"
SecRulesEnabled;
#LearningMode;
LibInjectionSql; #enable libinjection support for SQLI
LibInjectionXss; #enable libinjection support for XSS
#the location where naxsi will redirect the request when it is blocked
DeniedUrl "/_LOG/";
CheckRule "$SQL >= 8" BLOCK;#the action to take when the $SQL score is superior or equal to 8
CheckRule "$RFI >= 8" BLOCK;
CheckRule "$TRAVERSAL >= 5" BLOCK;
CheckRule "$UPLOAD >= 5" BLOCK;
CheckRule "$XSS >= 8" BLOCK;
@inetshell in your setup, you tried to capture the request arriving on your /RequestedDenied, and you didn't see the headers ? Can you show an example please ?
I need to send the blocked request to another server for logging.
According to this link (https://github.com/nbs-system/naxsi/wiki/directives), the follow headers are added: NAXSI_HEADER_ORIG_URL "x-orig_url" NAXSI_HEADER_ORIG_ARGS "x-orig_args" NAXSI_HEADER_NAXSI_SIG "x-naxsi_sig"
But I cannot see the headers.
This is my config:
server { listen 80; listen [::]:80; servername ; location /_LOG { proxy_pass http://192.168.1.1:8080/; proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_max_temp_file_size 0; proxy_pass_request_headers on; } location / { proxy_pass http://gateway; proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_max_temp_file_size 0;
enable naxsi
} }
Does anyone had configured something similar?
https://github.com/nbs-system/naxsi/issues/345
Regards!