WordPress pingback mitigation
mex
nginx-forum at forum.nginx.org
Sun May 21 09:25:42 UTC 2017
pbooth Wrote:
-------------------------------------------------------
> Wow- I really like the sound of naxsi. In the past I've used F5's ASM,
> the WAF built on their big-ip platform. It was powerful though prone
> to false positives. I don't believe there are any real shortcuts that
> allow you to build an effective waf without understanding the details
> of your own website. These simply aren't build, deploy and forget
> devices. It sounds a if the creator of naxsi understands this.
>
hi,
naxsi-ssupporter and doxi-rules-maintainer here.
FPs are an issue for any blocking-mechanism.
what many people dont know: naxsi has an integrated whitelist-generator,
allowing you to tune your WAF against your own application. for people with
staging/deployment - envoriments you can run anxsi there in learning-mode,
generating all whitelists needed on-the-fly and deploying them during your
regular deployments.
maybe overdosed for smaller setups, but fitting perfectly into
bigger setups.
and yes, naxsi needs more documentation an beginner-based manuals.
maybe thios helps to understand the rules (and needs an update as well:)
https://zero.bs/naxis-rules-manual.html
regards,
mex
Posted at Nginx Forum: https://forum.nginx.org/read.php?2,274339,274358#msg-274358
More information about the nginx
mailing list