nbs-system / naxsi

NAXSI is an open-source, high performance, low rules maintenance WAF for NGINX
GNU General Public License v3.0
4.8k stars 606 forks source link

requesting was been rejected with https, but no any reason and blocked count is empty in error log. #599

Closed luowei1982 closed 2 years ago

luowei1982 commented 2 years ago

nginx config:

location /api {
        proxy_set_header Host $http_host;
            include naxsi_whitelists.rules;
            SecRulesEnabled;
            LearningMode;
            DeniedUrl "/50x.html";
            CheckRule "$SQL >= 8" BLOCK;
            CheckRule "$RFI >= 8" BLOCK;
            CheckRule "$TRAVERSAL >= 4" BLOCK;
            CheckRule "$EVADE >= 4" BLOCK;
            CheckRule "$XSS >= 8" BLOCK;
            proxy_pass   http://bpf_pf_platform/api;
            proxy_redirect  off;
       }

error_log:

2022/06/30 17:11:16 [error] 24323#0: *12 NAXSI_FMT: ip=10.1.2.1&server=testbpf.test.com.cn&uri=/public/image/favicon.ico&learning=1&total_processed=25&total_blocked=2, client: 10.1.2.1, server: testbpf.test.com.cn, request: "GET /public/image/favicon.ico HTTP/1.1", host: "testbpf.test.com.cn", referrer: "https://testbpf.test.com.cn/login.html"

please help, hope your relay.

wargio commented 2 years ago

version? also does not look dropped, looks like just a log.

luowei1982 commented 2 years ago

sorry, maybe my mistake.