[deroad's blog]
# 2020-09-24 | Naxsi 1.1 and 1.1a security update
{
Well, after almost 2 years I decided to take naxsi under my arm and give it a bit of love.
Before everything, a big thank you to 0xflotus, marcinguy and squedgy for their PRs.
I have re-formatted the code and added some checks where needed.
The repository has received multiple PRs that needed/wanted to add some cool new features.
I fixed several issues related to memory leaks, wrong encoding, etc. I have also updated
the version of libinjection to 3.9.2 (commit: 991433e7).
I have also released the deb packages of the following distros:
- debian: bullseye, buster, sid, stretch
- ubuntu: bionic, focal
You can use these packages in a configuration that can look like this:
    http {
        access_log /tmp/logs_access.log;
        error_log /tmp/logs_error.log;
        default_type text/plain;
        keepalive_timeout 68;
        # Naxsi core rules are loaded once, at http level
        include /usr/share/naxsi/naxsi_core.rules;
        server {
            listen 1984;
            server_name 'localhost';
            client_max_body_size 30M;
            location / {
                # Per-location Naxsi settings and rule files shipped with the package
                include /usr/share/naxsi/naxsi_learning_mode.conf;
                include /usr/share/naxsi/rules/wordpress.rules;
                root /var/www/html/;
                index index.html index.htm;
            }
            include /usr/share/naxsi/naxsi_denied_url.conf;
        }
    }
One last point regarding version 1.1a (security update).
I have patched some security vulnerabilities reported by Synacktiv which impact Naxsi.
These vulnerabilities are quite simple to exploit and can impact the security of the web application
that you might want to secure via Naxsi.
You can find below a link to the full report that explains all the vulnerabilities and how to exploit them.
}
# References:
NBS-System Naxsi - version 1.1a (security update)
https://github.com/nbs-system/naxsi/releases/tag/1.1a
https://www.synacktiv.com/publications/bypassing-naxsi-filtering-engine.html
NBS-System Naxsi - version 1.1 (ignore this version)
https://github.com/nbs-system/naxsi/releases/tag/1.1