NAXSI means Nginx Anti XSS & SQL Injection.

The nginx naxsi module, by default, reads a small subset of simple (and
readable) rules containing 99% of known patterns involved in website
vulnerabilities. For example, <, | or drop are not supposed to be part of a URI.

Being very simple, those patterns may match legitimate queries; it is the
Naxsi administrator's duty to add specific rules that whitelist legitimate
behaviours. The administrator can either add whitelists manually by analyzing
nginx's error log, or (recommended) start the project with an intensive
auto-learning phase that will automatically generate whitelisting rules
regarding a website's behaviour.

In short, Naxsi behaves like a DROP-by-default firewall: the only task is to add
the required ACCEPT rules for the target website to work properly.
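
The manual path described above (building whitelists from nginx's error log),
as an added example that is not part of the original text or of the naxsi
project. It assumes the NAXSI_FMT error-log layout and the BasicRule wl:/mz:
whitelist syntax from naxsi's documentation; the log lines, host names and rule
ids are constructed samples.

```python
import re
from urllib.parse import parse_qs

# Constructed sample nginx error-log lines (not taken from a real server).
SAMPLE_LOG = '''\
2024/05/01 10:00:00 [error] 7#0: *1 NAXSI_FMT: ip=192.0.2.10&server=shop.example&uri=/search&learning=1&vers=1.3&total_processed=10&total_blocked=1&block=0&cscore0=$SQL&score0=8&zone0=ARGS&id0=1000&var_name0=q, client: 192.0.2.10, server: shop.example
2024/05/01 10:00:05 [error] 7#0: *2 NAXSI_FMT: ip=192.0.2.11&server=shop.example&uri=/review&learning=1&vers=1.3&total_processed=11&total_blocked=2&block=0&cscore0=$XSS&score0=16&zone0=BODY&id0=1302&var_name0=comment&zone1=BODY&id1=1303&var_name1=comment, client: 192.0.2.11, server: shop.example
2024/05/01 10:00:09 [error] 7#0: *3 NAXSI_FMT: ip=192.0.2.12&server=shop.example&uri=/search&learning=1&vers=1.3&total_processed=12&total_blocked=3&block=0&cscore0=$SQL&score0=8&zone0=ARGS&id0=1000&var_name0=q, client: 192.0.2.12, server: shop.example
2024/05/01 10:00:12 [error] 7#0: *4 open() "/var/www/favicon.ico" failed (2: No such file or directory)
'''

FMT_RE = re.compile(r"NAXSI_FMT: (.*?), client: ")
SAFE_URI = re.compile(r"/[\w./-]*", re.ASCII)   # path characters we accept in a rule
SAFE_VAR = re.compile(r"[\w.-]*", re.ASCII)     # variable/header name characters
ZONES = {"ARGS", "BODY", "HEADERS", "URL"}

def whitelist_candidates(log_text):
    """Return sorted, de-duplicated BasicRule lines, one per logged (rule, location)."""
    rules = set()
    for line in log_text.splitlines():
        m = FMT_RE.search(line)
        if not m:
            continue  # not a naxsi event line
        f = parse_qs(m.group(1), keep_blank_values=True)
        uri = f.get("uri", [""])[0]
        i = 0
        while f"id{i}" in f:  # one request can trip several rules: id0, id1, ...
            rid = f[f"id{i}"][0]
            zone, _, flag = f.get(f"zone{i}", [""])[0].partition("|")
            var = f.get(f"var_name{i}", [""])[0]
            i += 1
            # Log fields are client-influenced: never copy odd characters into nginx config.
            if not (rid.isdigit() and zone in ZONES and flag in ("", "NAME")
                    and SAFE_URI.fullmatch(uri) and SAFE_VAR.fullmatch(var)):
                continue
            # Scope the whitelist to this URL and variable, not to the whole site.
            mz = f"$URL:{uri}|" + (f"${zone}_VAR:{var}" if var else zone)
            suffix = "|NAME" if flag else ""
            rules.add(f'BasicRule wl:{rid} "mz:{mz}{suffix}";')
    return sorted(rules)

if __name__ == "__main__":
    print("\n".join(whitelist_candidates(SAMPLE_LOG)))
```

Treat the output as candidates to review: anything hostile that was logged
during the learning window would otherwise end up whitelisted.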