Welcome! Log In Create A New Profile

Re: Naxsi Nginx High performance WAF

Forum List Message List New Topic Print View

Robert Paprocki

December 24, 2016 12:50AM

Naxsi and ModSecurity are... very different. They have distinct (and largely incomparable) backgrounds, philosophies, goals, implementation details, and, most importantly for this context, vastly different DSLs that support their operations. A 1-1 translation of the OWASP CRS (particularly v3, just recently released) from ModSecurity's rule language to Naxsi rule syntax just isn't possible. ModSecurity provides a number of features that are either unsupported or impossible in Naxsi, and given that the CRS was written explicitly for ModSec, taking advantage of some implantation-specific features... well, good luck ;) (and at this point you might as well use libmodsecurity or an openresty alternative like lua-resty-waf, as Naxsi is probably never going to support the operators and feature sets needed for the CRS).

As for CFs rules, I'm not 100% sure, but that essentially sounds like asking for access to CFs internal data pipeline. I doubt you'll find a published version of this, as it's data that powers their commercial WAF.

> On Dec 23, 2016, at 16:26, c0nw0nk <nginx-forum@forum.nginx.org> wrote:
>
> So I recently got hooked on Naxsi and I am loving it to bits <3 thanks to
> itpp2012 :)
>
> https://github.com/nbs-system/naxsi
>
> I found the following Rule sets here.
>
> http://spike.nginx-goodies.com/rules/
>
> But I am curious does anyone have Naxsi written rules that would be the same
> as/on Cloudflare's WAF ?
>
> These to be exact :
> Package:
> OWASP ModSecurity Core Rule Set : Covers OWASP Top 10 vulnerabilities, and
> more.
> Package:
> Cloudflare Rule Set : Contains rules to stop attacks commonly seen on
> Cloudflare's network and attacks against popular applications.
>
>
> Love to have a Naxsi version of their WAF rules to add in to the
> naxsi_core.rules file.
>
> Posted at Nginx Forum: https://forum.nginx.org/read.php?2,271695,271695#msg-271695
>
> _______________________________________________
> nginx mailing list
> nginx@nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Reply Quote

RSS

Subject	Author	Posted
Naxsi Nginx High performance WAF	c0nw0nk	December 23, 2016 07:26PM
Re: Naxsi Nginx High performance WAF	Robert Paprocki	December 24, 2016 12:50AM
Re: Naxsi Nginx High performance WAF	mex	December 24, 2016 03:09AM
Re: Naxsi Nginx High performance WAF	c0nw0nk	January 01, 2017 03:45AM
Re: Naxsi Nginx High performance WAF	mex	January 06, 2017 04:11AM
Re: Naxsi Nginx High performance WAF	c0nw0nk	January 06, 2017 04:29AM

Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 269

Record Number of Users: 8 on April 13, 2023

Record Number of Guests: 421 on December 02, 2018