mex Wrote: ------------------------------------------------------- > Hi c0nw0nk, > > mex here, inital creator of http://spike.nginx-goodies.com/rules/ > and maintainer of Doxi-Rules > https://bitbucket.org/lazy_dogtown/doxi-rules/overview > (this us where the rules live we create with spike :) > > the doxi-rules in its current state are inspired by emerging threats > rules, > and not by the CRS-System because: > > - mod_security can hook into any phase of a request, while naxsi only > works in access_phase > - naxsi has a very slim but yet powerfull core-ruleset > - naxsi doesnt hold state of an actor > > thus, it would not be possible to re-create the CRS onto naxsi, > instead, we > have a very slim but very fast core-ruleset that does not change very > often, > and ontop of this, if wanted a wider ruleset that protect against > common > classes of attacks like XXE or generel Object-Injections > http://spike.nginx-goodies.com/rules/view/42000341 > http://spike.nginx-goodies.com/rules/view/42000343 > > i learned from my gurus @emerging threats ti write signatures > against vulnerabilities, not exploits > > before naxsi i used mod_security with CRS as well and it was > more tha just PITA becaause of False Positives and performance-issues > as well. with naxsdi, learning mode and whitelist-creation > using a WAF is fun again. > > If you have detailed questions about naxsi, there is a > naxsi-discuss-mailinglist > as well > > > > > cheers, > > > mex > > > > > c0nw0nk Wrote: > ------------------------------------------------------- > > So I recently got hooked on Naxsi and I am loving it to bits <3 > thanks > > to itpp2012 :) > > > > https://github.com/nbs-system/naxsi > > > > I found the following Rule sets here. > > > > http://spike.nginx-goodies.com/rules/ > > > > But I am curious does anyone have Naxsi written rules that would be > > the same as/on Cloudflare's WAF ? > > > > These to be exact : > > Package: > > OWASP ModSecurity Core Rule Set : Covers OWASP Top 10 > vulnerabilities, > > and more. > > Package: > > Cloudflare Rule Set : Contains rules to stop attacks commonly seen > on > > Cloudflare's network and attacks against popular applications. > > > > > > Love to have a Naxsi version of their WAF rules to add in to the > > naxsi_core.rules file.
Hey mex thats awesome :) I love your work too with spike. I have a question about this rule here. http://spike.nginx-goodies.com/rules/view/42000039 In the site list here http://spike.nginx-goodies.com/rules/ Why is that rule ID number completely "Greyed" out what does that mean ? Posted at Nginx Forum: https://forum.nginx.org/read.php?2,271695,271790#msg-271790 _______________________________________________ nginx mailing list [email protected] http://mailman.nginx.org/mailman/listinfo/nginx
