1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

is naxsi installed?

Discussion in 'Nginx' started by zaheer, Jun 27, 2016.

Tags:
  1. zaheer

    zaheer New Member Member

    hi sir i installed this rpm ulyaoth i installed this naxsi-nginx as a reverse proxy for apache everything working fine my aim is to install naxsi with nginx.. i am not sure does naxsi installed on my server or not i'm just a learner please help me sir. sorry for my bad english :)
    thanks you sir,
    best regards,
    zaheer
     
  2. sbagmeijer

    sbagmeijer Machine

    Hello Zaheer,

    and welcome to our forum, you can install naxsi as a nginx module as following:

    Code:
    yum install ulyaoth-nginx ulyaoth-nginx-module-naxsi
    Then you should open your "nginx.conf" and make sure you load the naxsi module and it's rules so a example nginx.conf would be:

    Code:
    user  nginx;
    worker_processes  auto;
    
    error_log  /var/log/nginx/error.log warn;
    pid        /var/run/nginx.pid;
    
    # Load dynamic modules below this comment.
    load_module modules/ngx_http_naxsi_module.so;
    
    events {
      worker_connections  1024;
      use epoll;
      multi_accept  on;
    }
    
    
    http {
    # load naxsi rules.
      include       /etc/nginx/naxsi_core.rules;
     
      include       /etc/nginx/mime.types;
      default_type  application/octet-stream;
    
      log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                        '$status $body_bytes_sent "$http_referer" '
                        '"$http_user_agent" "$http_x_forwarded_for"';
    
      access_log  /var/log/nginx/access.log  main;
    
      server_tokens   off;
      sendfile        on;
      #tcp_nopush     on;
    
      keepalive_timeout  65;
    
      #gzip  on;
    
      include /etc/nginx/conf.d/*.conf;
      include /etc/nginx/sites-enabled/*.conf;
    }

    Most important bits of this are:
    Code:
    # Load dynamic modules below this comment.
    load_module modules/ngx_http_naxsi_module.so;
    
    # load naxsi rules.
      include       /etc/nginx/naxsi_core.rules;
    If you have done this Naxsi should be loaded and you can write some test rules to see if Naxsi works correctly.

    You can read the full naxsi documentation here: https://github.com/nbs-system/naxsi/wiki
     
    zaheer likes this.
  3. zaheer

    zaheer New Member Member

    Thank you sir i'll test it now :)
     
  4. zaheer

    zaheer New Member Member

    i have tested it sir working fine for me
    should i add any whitelist.rules cuz i need to install wordpress and xenforo does it causes me any trouble with naxsi?
    i found this on git wordpress.rules
    thanks alot :)
     
  5. zaheer

    zaheer New Member Member

    my nginx.conf

    Code:
    user  nginx;
    worker_processes  auto;
    
    error_log  /var/log/nginx/error.log warn;
    pid        /var/run/nginx.pid;
    
    # Load dynamic modules below this comment.
    load_module modules/ngx_http_naxsi_module.so;
    
    events {
      worker_connections  1024;
      use epoll;
      multi_accept  on;
    }
    
    
    http {
    # load naxsi rules.
      include       /etc/nginx/naxsi_core.rules;
    
      include       /etc/nginx/mime.types;
      default_type  application/octet-stream;
    
      log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                        '$status $body_bytes_sent "$http_referer" '
                        '"$http_user_agent" "$http_x_forwarded_for"';
    
      access_log  /var/log/nginx/access.log  main;
    
      server_tokens   off;
      sendfile        on;
      #tcp_nopush     on;
    
      keepalive_timeout  65;
    
      #gzip  on;
    
      include /etc/nginx/conf.d/*.conf;
      include /etc/nginx/sites-enabled/*.conf;
    }
    

    and Vhost file

    Code:
    server {
        listen 10.0.0.4:80;
        server_name www.zk.in zk.in;
        error_page 404 403 500 502 503 504 /error.html;
        access_log /var/log/virtualmin/zk.in_nginx_access_log;
        error_log  /var/log/virtualmin/zk.in_nginx_error_log;
    
        location / {
            proxy_pass http://10.0.0.4:9091;
            include /etc/nginx/proxy.conf;
           include           /etc/nginx/naxsi.rules;
        }
             location /RequestDenied {
             return 406;
         }
    }
    
    naxsi.rules file

    Code:
    #LearningMode;
    SecRulesEnabled;
    #SecRulesDisabled;
    DeniedUrl "/RequestDenied";
    
    ## Check & Blocking Rules
    CheckRule "$SQL >= 8" BLOCK;
    CheckRule "$RFI >= 8" BLOCK;
    CheckRule "$TRAVERSAL >= 4" BLOCK;
    CheckRule "$EVADE >= 4" BLOCK;
    CheckRule "$XSS >= 8" BLOCK;
    now my wordpres site is like this when i try to login admincp..

    [​IMG]

    how can i whitelist wordpress and xenforo site please help me sir :(
     
    Last edited: Jun 27, 2016
  6. zaheer

    zaheer New Member Member

    please help
     
    Last edited: Jun 27, 2016

Share This Page