Naxsi Web Application Firewall Ver0.41

Naxsi is an open source, high performance, low rules maintenance, Web Application Firewall module

The infamous web server and reverse-proxy. Its goal is to help people securing their web applications against attacks like SQL Injections, Cross Site Scripting, Cross Site Request Forgery, Local & Remote file inclusions. The difference with most WAF (Web Application Firewalls) out there is that it does not rely upon signatures to detect and block attacks. It uses a simpler model where, instead of trying to detect “known” attacks, it detects unexpected characters in the HTTP requests/arguments. Each kind of unusual character will increase the score of the request. If the request reaches a score considered “too high”, the request will be denied, and the user will be redirected to a “forbidden” page. Yes, it works somewhat like a spam system.

Official Change Log For Naxsi 0.41:-
  • Feature: added support for FILE_EXT. We can now control file uploads names/extensions as well.
  • Added a rule for FILE_EXT into naxsi_core.rules
  • Added unit testing for FILE_EXT feature
  • Fixed erroneous log messages
  • Fixed an error on whitelist of types $URL:xxx|URL
To Download Naxsi v0.41 Click Here



Superb tutorial you have shared here and really impressed with your work, Thanks and keep sharing this kind of stuffs, Website Development Company Bangalore

Post a Comment

Related Posts Plugin for WordPress, Blogger...