最新的 naxsi 模块是不是有问题呢

V2EX = way to explore

V2EX 是一个关于分享和探索的地方

For Existing Member Sign In

This topic created in 3783 days ago, the information mentioned may be changed or developed.

2015/12/28 14:09:06 [debug] 14757#0: *4924 is rule [1007] whitelisted in zone ARGS for item attack
2015/12/28 14:09:06 [debug] 14757#0: *4924 extra: exception happened in |NAME
2015/12/28 14:09:06 [debug] 14757#0: *4924 rule 1007 is disabled somewhere
2015/12/28 14:09:06 [debug] 14757#0: *4924 hashing varname [attack]
2015/12/28 14:09:06 [debug] 14757#0: *4924 hashing varname attack - 'wl:X_VAR:attack'
2015/12/28 14:09:06 [debug] 14757#0: *4924 hashing varname attack - 'wl:X_VAR:attack|NAME'
2015/12/28 14:09:06 [debug] 14757#0: *4924 hashing uri#1 / ($URL:X|URI)
2015/12/28 14:09:06 [debug] 14757#0: *4924 hashing uri#3 #/ ($URL:X|ZONE|NAME)
2015/12/28 14:09:06 [debug] 14757#0: *4924 hashing MIX #/#attack or ($URL:x|$X_VAR:y|NAME)
2015/12/28 14:09:06 [error] 14757#0: *4924 NAXSI_FMT: ip=1.1.1.1&server=www.x.com&uri=/&learning=0&vers=0.54&total_processed=726&total_blocked=10&block=1&cscore0=$SQL&score0=8&zone0=ARGS|NAME&id0=1007&var_name0=attack, client: 1.1.1.1, server: localhost, request: "HEAD /?attack=1 HTTP/1.0", host: "www. x.com"

MainRule "str:attack" "msg:ddos" "mz:ARGS|BODY" "s:$SQL:8" id:1007;
BasicRule wl:1007;
白名单无效， nginx 版本是 1.8.0
naxsi https://github.com/nbs-system/naxsi

No Comments Yet

2015/12/28 14:09:06 Attack debug