nbs-system / naxsi

NAXSI is an open-source, high performance, low rules maintenance WAF for NGINX
GNU General Public License v3.0
4.8k stars 606 forks source link

I added a rule, but it did not take effect. #503

Closed fushisanlang closed 11 months ago

fushisanlang commented 4 years ago

i need add a rule ,to denied a php request。it like:

MainRule "rx:.php" "mz:ARGS|BODY|URL" "s:$XSS:8" id:10009;

when i request ‘XXX.com/?1.php’,i can get a 403. but when i request 'XXX.com/1.php', I am not denied access。

i want to know is that a bug or a configuration error。

thank you

wargio commented 4 years ago

What is the value of CheckRule ?

fushisanlang commented 4 years ago
#LearningMode; #Enables learning mode
SecRulesEnabled;
DeniedUrl "/RequestDenied";
include "/usr/local/nginx/conf/wl.conf";
#include "/tmp/naxsi_rules.tmp";
## check rules
CheckRule "$SQL >= 8" BLOCK;
CheckRule "$RFI >= 8" BLOCK;
CheckRule "$TRAVERSAL >= 4" BLOCK;
CheckRule "$XSS >= 8" BLOCK;
CheckRule "$EVADE >= 8" BLOCK;
CheckRule "$UPLOAD >= 8" BLOCK;
wargio commented 4 years ago

Try to use MainRule "str:.php" "mz:ARGS|BODY|URL" "s:$XSS:8" id:10009;

fushisanlang commented 4 years ago

still not work