nbs-system / naxsi

NAXSI is an open-source, high performance, low rules maintenance WAF for NGINX
GNU General Public License v3.0
4.8k stars 606 forks source link

Very high cpu usage without LearningMode #509

Closed kanitan closed 11 months ago

kanitan commented 4 years ago

When doing stress testing, I found Naxsi performs very well when in Leaning Mode.But when I turned to block mode and CPU usage starts to go up to almost 100%. Is there any wrong in my configuration or any key steps before enable block mode?

location{}:

SecRulesEnabled;
#LearningMode; 
LibInjectionSql; 
LibInjectionXss; 
DeniedUrl "/RequestDenied"; 
CheckRule "$SQL >= 8" BLOCK;
CheckRule "$RFI >= 8" BLOCK;
CheckRule "$TRAVERSAL >= 5" BLOCK;
CheckRule "$UPLOAD >= 5" BLOCK;
CheckRule "$XSS >= 8" BLOCK;
error_log /var/log/naxsi_audit.log;
include naxsi/*.wl;

http{}:

include /etc/nginx/naxsi/naxsi_core.rules;
wargio commented 4 years ago

Hello, thanks for the bug report. can you try to use the eb66a60f2150c52477d2a4ca2b776c7602773771 version ?