Naxsi Web Application Firewall Ver0.41


Naxsi is an open source, high performance, low rules maintenance, Web Application Firewall module


The infamous web server and reverse-proxy. Its goal is to help people securing their web applications against attacks like SQL Injections, Cross Site Scripting, Cross Site Request Forgery, Local & Remote file inclusions. The difference with most WAF (Web Application Firewalls) out there is that it does not rely upon signatures to detect and block attacks. It uses a simpler model where, instead of trying to detect “known” attacks, it detects unexpected characters in the HTTP requests/arguments. Each kind of unusual character will increase the score of the request. If the request reaches a score considered “too high”, the request will be denied, and the user will be redirected to a “forbidden” page. Yes, it works somewhat like a spam system.

Official Change Log For Naxsi 0.41:-
  • Feature: added support for FILE_EXT. We can now control file uploads names/extensions as well.
  • Added a rule for FILE_EXT into naxsi_core.rules
  • Added unit testing for FILE_EXT feature
  • Fixed erroneous log messages
  • Fixed an error on whitelist of types $URL:xxx|URL
To Download Naxsi v0.41 Click Here

Categories:

1 comments:

Superb tutorial you have shared here and really impressed with your work, Thanks and keep sharing this kind of stuffs, Website Development Company Bangalore

Post a Comment

Related Posts Plugin for WordPress, Blogger...