What are the nginx-naxsi whitelist rules?

PHPz
Release: 2023-05-13 16:19:14
forward
1082 people have browsed it

Whitelist rule syntax:

basicrule wl:id [negative] [mz:[$url:target_url]|[match_zone]|[$args_var:varname]|[$ body_vars:varname]|[$headers_var:varname]|[name]]

##wl:id (white list id)Which interception rules will enter Whitelistwl:0Add all interception rules to the whitelistwl:42Add the interception rule with ID 42 to the whitelistwl:42,41,43Add the interception rule with IDs 42, 41 and 43 to the whitelist wl:-42Add all interception rules to the whitelist, except the interception rule with id 42
##mz:(match zones)

args$args_var$args_var_xheaders$headers_var$headers_var_x body$body_var$ body_var_xurlurl_xfile_ext
get’s entire parameters, such as: foo=bar&in=
Get the parameter name of the parameter, such as foo and in in foo=bar&in=
The parameter name of the regular matching get parameter
The entire http protocol header
The name of the http protocol header
The name of the regular matching http protocol header
The entire parameter content of post
The parameter name of post parameter
Parameter name of the regular matching post parameter
#url (before ?)
Regular matching url (before ?)
File name (the file name uploaded when uploading a file in post)
Whitelist configuration example

Take rule #1000 as an example: Rule #1000 filters out select, update, delete, insert Rules for sql keywords

Rulebasicrule wl:1000;basicrule wl:1000 "mz:$args_var:foo";Disable interception rules in all get parameter values ​​named foo#1000basicrule wl:1000 "mz:$url:/bar|args";In the get request with url /bar Parameter disable interception rule #1000basicrule wl:1000 "mz:args|name";at Disable interception rules for all parameter names (just names, not including parameter values) in all get requests #1000basicrule wl:0 "mz:$url_x:^/upload/(.*).(.*)$|url";Disable all interception rules for URLs that match ^/upload/(.*).(.*)$ regular rules in all requests
实战用的白名单规则
# vi naxsi_basicrule.conf
basicrule wl:1010,1011 "mz:$args_var:rd";
basicrule wl:1015,1315 "mz:$headers_var:cookie";
Copy after login
Description
Completely disable interception rule #1000 in this sub-rule. Because there is no specified area, all are added to the whitelist.

Requests like http://mike.hi-linux.com/?foo=select * from demo will not be filtered.

The following similar requests will not be filtered:

http://mike.hi-linux.com/bar?my=select * from demohttp:// mike.hi-linux.com/bar?from=weibo

The following requests will not be filtered:

http://mike.hi-linux .com/bar?from=weibo

The following requests will be filtered:

http://mike.hi-linux.com/bar?foo=select

Because select It is a parameter value and is not in the whitelist range.

Similar to http://mike.hi-linux.com/upload The /select.db request will not be filtered (it would have triggered the #1000 interception rule).

The above is the detailed content of What are the nginx-naxsi whitelist rules?. For more information, please follow other related articles on the PHP Chinese website!

Related labels:
source:yisu.com
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template