wargio/naxsi 1.4

Naxsi 1.4

on GitHub

What's Changed

• Cleanup and added CI by @wargio in #3
• Fixes for nginx 1.20.2+ by @wargio in #4
• Moved all rules in the same repository by @wargio in #5
• Create codeql-analysis.yml by @wargio in #6
• libpcre compat by @vvvllll in #7
• Added arch linux PKGBUILD by @wargio in #8
• Build deb files by @wargio in #9
• Move nginx specific files by @wargio in #10
• Removed escaped values by @wargio in #11
• Moved rules depending if blocking or whitelist by @wargio in #12
• [Rule] Cleanup rules and added new rules + linter by @wargio in #13
• [Rule] More rules cleanup by @wargio in #15
• [Rule] Added generic.rules file by @wargio in #16
• [Rule] Add more rules by @wargio in #17
• Fix utf-8 check bug by @wargio in #20
• [Rule] Block any access to any dot file or dot folder. by @wargio in #21
• [Rule] SQL Injection additional rules by @wargio in #22
• [Rule] Extra rules by @wargio in #23
• Export variables by @wargio in #24
• [Rule] Additional SQL Admin Interface rules by @wargio in #25
• [Rule] Block additional scanners by @wargio in #26
• [Rule] Additional security rules by @wargio in #28
• [Rule] Add wpscan in scanner rules by @wargio in #29
• [Rule] Cleanup rules and added l9tcpid by @wargio in #31
• Windows support by @staticlibs in #33
• [Rule] Added WinHttpReq to scanner list by @wargio in #34
• Windows CI build support by @staticlibs in #35
• Windows CI enhancements by @staticlibs in #36
• Add libinjection modified sources to .gitignore by @staticlibs in #37
• [Rule] Block access to yaml & hcl & ctmpl files by @wargio in #38
• Generate python tests by @staticlibs in #41
• Windows warnings cleanup by @staticlibs in #42
• Fix response body read in test HTTP client by @staticlibs in #47
• Make sure IP address is null-terminated before passing it to inet_pton by @staticlibs in #48
• [Rule] Internal rule 21: illegal host header by @wargio in #52
• Added ANY matchzone by @wargio in #53
• Adds $naxsi_request_id and drops vers,total_processed and total_blocked by @wargio in #55
• Fix ANY when defining $URL/$URL_X by @wargio in #57
• Fixed json number validation loop to support properly exponentials by @wargio in #63
• Added some new sqli keywords with tests by @wargio in #64
• Support json extended logs on naxsi by @wargio in #65
• [Rule] Exposed AWS Elastic Beanstalk configuration by @wargio in #69
• [Rule] Malicious wp access to ALFA_DATA|alfacgiapi|cgialfa path by @wargio in #70
• [Rule] Block access to temporary backup files. by @wargio in #71
• Fix reserved identifier violation issue nbs-system/naxsi#626 by @wargio in #72

New Contributors

• @wargio made their first contribution in #3
• @vvvllll made their first contribution in #7
• @staticlibs made their first contribution in #33

Full Changelog: 1.3...1.4