What's Changed
- Cleanup + CI by @wargio in #3
- Fixes for nginx 1.20.2+ by @wargio in #4
- Moved all rules in the same repository by @wargio in #5
- Create codeql-analysis.yml by @wargio in #6
- libpcre compat by @vvvllll in #7
- Added arch linux PKGBUILD by @wargio in #8
- Build deb files by @wargio in #9
- Move nginx specific files by @wargio in #10
- Removed escaped values by @wargio in #11
- Moved rules depending if blocking or whitelist by @wargio in #12
- Cleanup rules and added new rules + linter by @wargio in #13
- More rules cleanup by @wargio in #15
- Added generic.rules file by @wargio in #16
- Add more rules by @wargio in #17
- Fix utf-8 check bug by @wargio in #20
- Block any access to any dot file or dot folder. by @wargio in #21
- SQL Injection additional rules by @wargio in #22
- Extra rules by @wargio in #23
- Export variables by @wargio in #24
- Additional SQL Admin Interface rules by @wargio in #25
- Block additional scanners by @wargio in #26
- Additional security rules by @wargio in #28
- Add wpscan in scanner rules by @wargio in #29
- Cleanup rules and added l9tcpid by @wargio in #31
- Windows support by @staticlibs in #33
- Added WinHttpReq to scanner list by @wargio in #34
- Windows CI build support by @staticlibs in #35
- Windows CI enhancements by @staticlibs in #36
- Add libinjection modified sources to .gitignore by @staticlibs in #37
- Block access to yaml & hcl & ctmpl files by @wargio in #38
- Generate python tests by @staticlibs in #41
- Windows warnings cleanup by @staticlibs in #42
- Fix response body read in test HTTP client by @staticlibs in #47
- Make sure IP address is null-terminated before passing it to inet_pton by @staticlibs in #48
- Internal rule 21: illegal host header by @wargio in #52
- Added ANY matchzone by @wargio in #53
- Adds
$naxsi_request_idand drops vers,total_processed and total_blocked by @wargio in #55 - Fix ANY when defining $URL/$URL_X by @wargio in #57
- Fix ci build due changes in libinjection by @wargio in #60
- Fix CI build by using a specific libinjection commit by @wargio in #62
- Fixed json number validation loop to support properly exponentials by @wargio in #63
- Added some new sqli keywords with tests by @wargio in #64
- Support json extended logs on naxsi by @wargio in #65
New Contributors
- @wargio made their first contribution in #3
- @vvvllll made their first contribution in #7
- @staticlibs made their first contribution in #33
Full Changelog: https://github.com/wargio/naxsi/commits/1.4rc1