Naxsi and ModSecurity are... very different. They have distinct (and largely incomparable) backgrounds, philosophies, goals, implementation details, and, most importantly for this context, vastly different DSLs that support their operations. A 1-1 translation of the OWASP CRS (particularly v3, just recently released) from ModSecurity's rule language to Naxsi rule syntax just isn't possible. ModSecurity provides a number of features that are either unsupported or impossible in Naxsi, and given that the CRS was written explicitly for ModSec, taking advantage of some implantation-specific features... well, good luck ;) (and at this point you might as well use libmodsecurity or an openresty alternative like lua-resty-waf, as Naxsi is probably never going to support the operators and feature sets needed for the CRS).
As for CFs rules, I'm not 100% sure, but that essentially sounds like asking for access to CFs internal data pipeline. I doubt you'll find a published version of this, as it's data that powers their commercial WAF. > On Dec 23, 2016, at 16:26, c0nw0nk <nginx-fo...@forum.nginx.org> wrote: > > So I recently got hooked on Naxsi and I am loving it to bits <3 thanks to > itpp2012 :) > > https://github.com/nbs-system/naxsi > > I found the following Rule sets here. > > http://spike.nginx-goodies.com/rules/ > > But I am curious does anyone have Naxsi written rules that would be the same > as/on Cloudflare's WAF ? > > These to be exact : > Package: > OWASP ModSecurity Core Rule Set : Covers OWASP Top 10 vulnerabilities, and > more. > Package: > Cloudflare Rule Set : Contains rules to stop attacks commonly seen on > Cloudflare's network and attacks against popular applications. > > > Love to have a Naxsi version of their WAF rules to add in to the > naxsi_core.rules file. > > Posted at Nginx Forum: > https://forum.nginx.org/read.php?2,271695,271695#msg-271695 > > _______________________________________________ > nginx mailing list > nginx@nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx _______________________________________________ nginx mailing list nginx@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx
