Hi c0nw0nk, mex here, inital creator of http://spike.nginx-goodies.com/rules/ and maintainer of Doxi-Rules https://bitbucket.org/lazy_dogtown/doxi-rules/overview (this us where the rules live we create with spike :)
the doxi-rules in its current state are inspired by emerging threats rules, and not by the CRS-System because: - mod_security can hook into any phase of a request, while naxsi only works in access_phase - naxsi has a very slim but yet powerfull core-ruleset - naxsi doesnt hold state of an actor thus, it would not be possible to re-create the CRS onto naxsi, instead, we have a very slim but very fast core-ruleset that does not change very often, and ontop of this, if wanted a wider ruleset that protect against common classes of attacks like XXE or generel Object-Injections http://spike.nginx-goodies.com/rules/view/42000341 http://spike.nginx-goodies.com/rules/view/42000343 i learned from my gurus @emerging threats ti write signatures against vulnerabilities, not exploits before naxsi i used mod_security with CRS as well and it was more tha just PITA becaause of False Positives and performance-issues as well. with naxsdi, learning mode and whitelist-creation using a WAF is fun again. If you have detailed questions about naxsi, there is a naxsi-discuss-mailinglist as well cheers, mex c0nw0nk Wrote: ------------------------------------------------------- > So I recently got hooked on Naxsi and I am loving it to bits <3 thanks > to itpp2012 :) > > https://github.com/nbs-system/naxsi > > I found the following Rule sets here. > > http://spike.nginx-goodies.com/rules/ > > But I am curious does anyone have Naxsi written rules that would be > the same as/on Cloudflare's WAF ? > > These to be exact : > Package: > OWASP ModSecurity Core Rule Set : Covers OWASP Top 10 vulnerabilities, > and more. > Package: > Cloudflare Rule Set : Contains rules to stop attacks commonly seen on > Cloudflare's network and attacks against popular applications. > > > Love to have a Naxsi version of their WAF rules to add in to the > naxsi_core.rules file. Posted at Nginx Forum: https://forum.nginx.org/read.php?2,271695,271697#msg-271697 _______________________________________________ nginx mailing list [email protected] http://mailman.nginx.org/mailman/listinfo/nginx
