Closed sule01u closed 11 months ago
Yes and no, yes you can do this, but not in the way you have defined this in the body of the issue.
You need to define the block list which says to block all the requests that does not contain the parameter foo.
Probably a negative regex should work, but i wouldn't suggest to use naxsi for sanitizing... this should be done on your code.
Hopefully, one day we'll see a real whitelisting mode generated
well, the whitelist concept on naxsi is to allow false positives on blocked requests.
Can I set the request to pass only if the parameter is foo ?
nginx.conf
include naxsi_whitelists.rules;
CheckRule "$UWA >= 4" DROP;
naxsi_core.rules
MainRule "rx:." "msg:double quote" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$UWA:4" id:10018;
naxsi_whitelists.rules
BasicRule wl:10018 "mz:$ARGS_VAR_X:foo";