1.9 KiB
1.9 KiB
Internal rules
Since its 0.53 release, naxsi comes with a predefined set of rules with the following id:
1- "weird request" : This a generic exception used for improperly formatted requests.2- "big request" : Request is too big and has been buffered to disk by nginx.10- "uncommon hex encoding" : Encoding suggests this might be an escape attempt.11- "uncommon content-type" : Content-type of BODY is unknown / cannot be parsed.12- "uncommon URL" : URL is malformed13- "uncommon post format" : malformed boundary or content-disposition14- "uncommon post boundary" : BODY boundary line is malformed, or boundary breaks RFC15- invalid JSON - gets parsed when application/json is detected (experimental as of summer 2014)16- "empty body" : POST with empty BODY, available since naxsi 0.53-1, was merged withid:11before.17- "Libinjection SQL" : Libinjection SQL detection was triggered.18- "Libinjection XSS" : Libinjection XSS detection was triggered.
naxsi-core.rules
Naxsi ships with a basic core-rule-set that protects against common attacks. Those Core-Rules should always be loaded.
- SQL-Injections (1000-1099)
- Obvious Remote File Inclusions (1100-1199)
- Directory Traversal (1200-1299)
- Cross Site Scripting (1300-1399)
- Basic Evading tricks (1400-1500)
- File uploads (1500-1600)