pbooth Wrote:
-------------------------------------------------------
> Wow- I really like the sound of naxsi. In the past I've used F5's ASM,
> the WAF built on their big-ip platform. It was powerful though prone
> to false positives. I don't believe there are any real shortcuts that
> allow you to build an effective waf without understanding the details
> of your own website. These simply aren't build, deploy and forget
> devices. It sounds a if the creator of naxsi understands this.
>


hi,

naxsi-ssupporter and doxi-rules-maintainer here.

FPs are an issue for any blocking-mechanism.
what many people dont know: naxsi has an integrated whitelist-generator,
allowing you to tune your WAF against your own application. for people with
staging/deployment - envoriments you can run anxsi there in learning-mode,
generating all whitelists needed on-the-fly and deploying them during your
regular deployments.

maybe overdosed for smaller setups, but fitting perfectly into
bigger setups.


and yes, naxsi needs more documentation an beginner-based manuals.
maybe thios helps to understand the rules (and needs an update as well:)
https://zero.bs/naxis-rules-manual.html


regards,


mex