This is RC2 for naxsi 0.55 :
NEW
- Added support for RAW_BODY (rules to be matched against the full, raw body. Can be useful to match rules against unparsed content : XML, serialized java objects etc.)
- Confirmed support as a dynamic module (introduced in nginx 1.9.11)
- Better libinjection integration (can be used to make virtual-patching)
# drop any request that libinjection considers as SQLi (checked only in GET variable named "id")
MainRule id:4242 "d:libinj_sql" "mz:$ARGS_VAR:id" "s:DROP";
- Better blacklist matchzones (can now be as precise as whitelists)
# matches "test" on variable named "aa" or "ab" as long as they target url "/foo"
MainRule id:4241 "str:test" "mz:$URL:/foo|$ARGS_VAR:aa|$ARGS_VAR:ab" "s:$XSS:8";
BUGFIXES