Closed rickygm closed 2 years ago
are you sure that you have loaded naxsi?
yes, it's loaded
nginx -V 2>&1 | tr ' ' '\n' | grep naxsi
--add-dynamic-module=/rpm/naxsi/naxsi_src
http_addition_module http_flv_module http_gzip_static_module http_gunzip_module http_stub_status_module http_realip_module module=/rpm/naxsi/naxsi_src module=/rpm/incubator http_slice_module http_v2_module mail_pop3_module mail_smtp_module http_geoip_module module=/rpm/ngx_brotli http_auth_request_module http_mp4_module http_stub_status_module http_ssl_module module=/rpm/ngx_cache_purge http_xslt_module module=/rpm/nginx_cookie_flag_module module=/rpm/headers module module=/rpm/ngx_http_substitutions_filter_module module=/rpm/ModSecurity module=/rpm/nginx module module=/rpm/ngx_devel_kit module=/rpm/lua module
where do you load it?
sorry, I didn't put part of the nginx.conf config
user nginx;
worker_processes auto;
worker_cpu_affinity auto;
error_log /var/log/nginx/error.log;
pid /var/run/nginx.pid;
load_module "modules/ngx_http_headers_more_filter_module.so";
load_module "modules/ngx_http_naxsi_module.so";
events {
    use epoll;
    worker_connections 2048;
    multi_accept on;
}
http {
    geo $naxsi_witl {
        #ranges;
        default 0;
        127.0.0.1 1;
    }
    server_names_hash_bucket_size 64;
    include /etc/nginx/mime.types;
    include /etc/nginx/naxsi_core.rules;
include /etc/nginx/naxsi_core.rules; must be in the http context.
Hi wargio, there it is, if you look at the http { block, I just close geo $naxsi_witl {}, but it is still inside the http block
to me kinda looks like the module did not load
I did a couple of successful tests using nginx version 1.20.2
1- compile the nbs-system/naxsi version and no problem.
2- compile your fork and no problem.
nginx version: nginx/1.20.2
built by gcc 8.5.0 20210514 (Red Hat 8.5.0-10) (GCC)
built with OpenSSL 1.1.1q 5 Jul 2022
TLS SNI support enabled
configure arguments: --user=nginx --group=nginx --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --conf-path=/etc/nginx/nginx.conf --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --with-http_addition_module --with-http_flv_module --with-http_gzip_static_module --with-http_gunzip_module --with-http_stub_status_module --with-pcre --with-file-aio --with-threads --with-http_realip_module --add-dynamic-module=/rpm/naxsi/naxsi_src --add-module=/rpm/incubator-pagespeed-ngx-1.13.35.2-stable --with-http_slice_module --with-http_v2_module --without-mail_pop3_module --without-mail_smtp_module --with-debug --with-http_geoip_module --add-module=/rpm/ngx_brotli --with-compat --with-http_auth_request_module --with-http_mp4_module --with-openssl=/rpm/openssl-1.1.1q --with-http_stub_status_module --with-http_ssl_module --add-module=/rpm/ngx_cache_purge --with-http_xslt_module --add-module=/rpm/nginx_cookie_flag_module --add-dynamic-module=/rpm/headers-more-nginx-module --add-dynamic-module=/rpm/ngx_http_substitutions_filter_module --add-dynamic-module=/rpm/ModSecurity-nginx --add-module=/rpm/nginx-rtmp-module --add-dynamic-module=/rpm/ngx_devel_kit-0.3.1 --add-dynamic-module=/rpm/lua-nginx-module-0.10.20
nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
On my server I'm using nginx/1.22.0 and everything works, so you must be doing something wrong.
If you are unsure what you are doing wrong, you can grab the built files for some distros here: https://github.com/wargio/naxsi/actions/runs/2852480227
do not use this repo for naxsi, because you won't block requests (all the regex rules are broken on this repo)
it is strange, in these last versions of nginx 1.22 and 1.23.1, I have the same message with naxsi, I am using almalinux 8.x
I guess the package format is RPM?
no, I'm compiling nginx from source
I will try tonight to build it on the same distro, can you provide me the command line that you have used so I can repro this? also a configuration for nginx
thanks wargio for your support, I did the test again with version 1.22.0, compiled from the source and did not present the previous errors, I do not know what could be happening, I did what you have in the readme Build naxsi
nginx version: nginx/1.22.0
built by gcc 8.5.0 20210514 (Red Hat 8.5.0-10) (GCC)
built with OpenSSL 1.1.1q 5 Jul 2022
TLS SNI support enabled
nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
maybe you had a module version mismatch
ps: my name is not margo.
fixed your name :), I forgot to mention that I only added these modules to the compilation, previously I did not do it: --with-pcre --with-pcre-jit
Hi , I am testing with your wargio/naxsi fork and I get an error when I test nginx
The first one: when I compile with nginx/1.22.0 version and do a test I get a message:
nginx: [emerg] unknown directive "MainRule" in /etc/nginx/naxsi_core.rules:21
any ideas?
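The two configuration questions raised in this thread (is the naxsi module loaded with `load_module`, and is `naxsi_core.rules` included in the `http` context) can be checked statically before running `nginx -t`. This is an added example, not code from the thread or from the naxsi project; the sample config is constructed from the excerpt posted above, and the function names `directives` and `check_naxsi` are hypothetical. It does not detect a mismatch between the module build and the nginx binary.

```python
import re

# Constructed sample based on the nginx.conf excerpt in the thread (trimmed, http block closed).
SAMPLE_CONF = """\
user nginx;
load_module "modules/ngx_http_naxsi_module.so";
events { worker_connections 2048; }
http {
    geo $naxsi_witl {
        default 0;
        127.0.0.1 1;
    }
    include /etc/nginx/naxsi_core.rules;
}
"""

def directives(conf):
    """Yield (context, directive); assumes no ';', '{', '}' or '#' inside quoted strings."""
    conf = re.sub(r"#[^\n]*", "", conf)  # drop comments
    stack = []
    for m in re.finditer(r"([^;{}]*)([;{}])", conf):
        text, sym = " ".join(m.group(1).split()), m.group(2)
        if sym == "}":
            if stack:
                stack.pop()
        elif text:
            yield tuple(stack), text
            if sym == "{":
                stack.append(text.split()[0])  # entering a block such as http or geo

def check_naxsi(conf):
    """Return a list of findings; an empty list means both conditions hold."""
    findings, loaded, included = [], False, False
    for ctx, text in directives(conf):
        words = [w.strip("\"'") for w in text.split()]
        if words[0] == "load_module" and "naxsi" in words[-1]:
            loaded = True
            if ctx:
                findings.append("load_module for naxsi is not in the main context")
        elif words[0] == "include" and words[-1].endswith("naxsi_core.rules"):
            included = True
            if ctx != ("http",):
                where = "/".join(ctx) or "main"
                findings.append("naxsi_core.rules is included in %s, not directly in http" % where)
    if not loaded:
        findings.append("no load_module line for naxsi (needed unless it is built in statically)")
    if not included:
        findings.append("naxsi_core.rules is never included")
    return findings
```

An empty result rules out the two configuration causes, which leaves the module build itself (for example the version mismatch suggested in the thread) as the next thing to check.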