Closed Korving-F closed 11 months ago
You can check this: https://github.com/nzin/naxsi/blob/master/t/21log.t#L22
Thanks for the quick reply. I just tried it out (copy-pastad that line), but it errors out as follows:
Mar 23 10:09:52 server nginx[337839]: nginx: [emerg] unknown directive "naxsi_logfile" in /etc/nginx/...
Installed version:
root@server:/tmp# dpkg-deb -I /tmp/naxsi.deb
new Debian package, version 2.0.
size 383466 bytes: control archive=1412 bytes.
347 bytes, 10 lines control
952 bytes, 13 lines md5sums
764 bytes, 29 lines * postinst #!/bin/sh
906 bytes, 32 lines * postrm #!/bin/sh
436 bytes, 14 lines * prerm #!/bin/sh
Package: libnginx-mod-http-naxsi
Version: 1.3
Priority: optional
Maintainer: NBS System <security@nbs-system.com>
Installed-Size: 1196
Section: httpd
Architecture: amd64
Depends: nginx-common (>= 1.18.0), libc6 (>= 2.17), libpcre3 (>= 2:8.39)
Homepage: https://github.com/nbs-system/naxsi
Description: NAXSI, a web application firewall for Nginx.
can i see the configuration?
It's basically the following. It fails in the server block as well.
# NAXSI WAF
include /usr/share/naxsi/naxsi_core.rules;
server {
# NAXSI WAF
include /usr/share/naxsi/naxsi_denied_url.conf;
set $naxsi_extensive_log 1;
....
location / {
naxsi_logfile /var/log/naxsi.log;
include /usr/share/naxsi/naxsi_learning_mode.conf;
include /usr/share/naxsi/rules/wordpress.rules;
root /var/www/somedir;
}
}
what if you place the log into the tmp?
Just tried, same error: "unknown directive"
oh wait. we never merged that.
from what i see, it was merged and then removed later.
Check ^_^ was there a good reason for the revert and can/should this issue be closed? It's still a nice feature I'd say..
Unfortunately i do not know, since this was way before me joining the company, but according to the commit (https://github.com/nbs-system/naxsi/commit/21d2507b434de17348b4d1fa407d69ff2d73c3cb) looks like it was causing many crashes.
Thanks for the quick replies ^_^ I'll just continue as is for now and watch out for new releases.
I can see there was some work done on this before in #100, but I can't find any documentation on it. Is this still possible to do?