Naxsi and ModSecurity are... very different. They have distinct (and largely incomparable) backgrounds, philosophies, goals, implementation details, and, most importantly for this context, vastly different DSLs that support their operations. A 1-1 translation of the OWASP CRS (particularly v3, just recently released) from ModSecurity's rule language to Naxsi rule syntax just isn't possible. ModSecurity provides a number of features that are either unsupported or impossible in Naxsi, and given that the CRS was written explicitly for ModSec, taking advantage of some implantation-specific features... well, good luck ;) (and at this point you might as well use libmodsecurity or an openresty alternative like lua-resty-waf, as Naxsi is probably never going to support the operators and feature sets needed for the CRS).
As for CFs rules, I'm not 100% sure, but that essentially sounds like asking for access to CFs internal data pipeline. I doubt you'll find a published version of this, as it's data that powers their commercial WAF.
> On Dec 23, 2016, at 16:26, c0nw0nk <nginx-forum@forum.nginx.org> wrote:
>
> So I recently got hooked on Naxsi and I am loving it to bits <3 thanks to
> itpp2012 :)
>
> https://github.com/nbs-system/naxsi
>
> I found the following Rule sets here.
>
> http://spike.nginx-goodies.com/rules/
>
> But I am curious does anyone have Naxsi written rules that would be the same
> as/on Cloudflare's WAF ?
>
> These to be exact :
> Package:
> OWASP ModSecurity Core Rule Set : Covers OWASP Top 10 vulnerabilities, and
> more.
> Package:
> Cloudflare Rule Set : Contains rules to stop attacks commonly seen on
> Cloudflare's network and attacks against popular applications.
>
>
> Love to have a Naxsi version of their WAF rules to add in to the
> naxsi_core.rules file.
>
> Posted at Nginx Forum: https://forum.nginx.org/read.php?2,271695,271695#msg-271695
>
> _______________________________________________
> nginx mailing list
> nginx@nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx