Naxsi

Technically, it is a third-party Nginx module, available as a package for many UNIX-like platforms. This module, by default, reads a small subset of simple (and readable) rules containing 99% of known patterns involved in website vulnerabilities. For example, <, | or drop are not supposed to be part of a URI. Being very simple, those patterns may match legitimate queries, it is Naxsi's administrator duty to add specific rules that will whitelist legitimate behaviors. The administrator can either add whitelists manually by analyzing nginx's error log, or (recommended) start the project with an intensive auto-learning phase that will automatically generate whitelisting rules regarding a website's behavior. In short, Naxsi behaves like a DROP-by-default firewall, the only task is to add required ACCEPT rules for the target website to work properly.

Features

NAXSI means Nginx Anti XSS & SQL Injection
Contrary to most Web Application Firewalls, Naxsi doesn't rely on a signature base like an antivirus
Naxsi should be compatible with any nginx version
It is the Naxsi's administrator duty to add specific rules that will whitelist legitimate behaviors
The administrator can add whitelists manually by analyzing nginx's error log
Naxsi behaves like a DROP-by-default firewall

Project Samples

Project Activity

See All Activity >

License

GNU General Public License version 3.0 (GPLv3)

Follow Naxsi

Naxsi Web Site

User Reviews

Be the first to post a review of Naxsi!

Additional Project Details

Programming Language

Related Categories

C Security Software

Registered

2022-02-16

Similar Business Software

ManageEngine Endpoint Central

ManageEngine Endpoint Central is built to secure the digital workplace while also giving IT teams complete control over their enterprise endpoints. It delivers a security-first approach by combining advanced endpoint protection with comprehensive management, allowing IT teams to manage the...

See Software
Addigy

Addigy is the the only Apple Device Management platform that lets IT admins manage Apple devices in real-time, including macOS, iOS, iPadOS and tvOS devices. Our cloud-based multi-tenant platform combines MDM with live agent capabilities to manage and secure your Apple ecosystem — whether you’re...

See Software
Control D

Control D is a customizable DNS filtering and traffic redirection platform that leverages Secure DNS protocols like DNS-over-HTTPS, DNS-over-TLS and DNS-over-QUIC, with support for Legacy DNS. - Block malicious threats - Block unwanted types of content network wide (ads & trackers, IoT...

See Software
Aikido Security

Secure your code, cloud, and runtime in one central system. Aikido’s all-in-one security platform is loved by developers and security teams alike with full security visibility, insight in what matters most, and fast/automatic vulnerability fixes. Teams get security done with Aikido thanks...

See Software
Google Cloud Platform

Google Cloud is a cloud-based service that allows you to create anything from simple websites to complex applications for businesses of all sizes. New customers get $300 in free credits to run, test, and deploy workloads. All customers can use 25+ products for free, up to monthly usage...

See Software
Frontegg

Frontegg is a Customer Identity and Access Management (CIAM) platform that simplifies authentication, authorization, and user management for SaaS companies. It enables developers to implement advanced identity features quickly, then shift ongoing administration to other teams. With Frontegg,...

See Software