Difference between revisions of "Projects/OWASP NAXSI Project"

Jump to: navigation, search
Line 47: Line 47:
| links_name1 =Naxsi's at code.google.com
| links_name1 =Naxsi's at code.google.com
| links_url2 = https://www.owasp.org/index.php/GPC_Project_Assessment/OWASP_NAXSI_Project/Naxsi-alpha-v0.2
| links_url2 = https://www.owasp.org/index.php/GPC_Project_Assessment/OWASP_NAXSI_Project/Naxsi-alpha-v0.43
| links_name2 =Release's (Naxsi-alpha-v0.2) Assessment Process Control
| links_name2 =Release's (Naxsi-alpha-v0.43) Assessment Process Control
| links_url[3-10] =  
| links_url[3-10] =  
Line 54: Line 54:
| release_1 =  Naxsi-alpha-v0.2
| release_1 =  Naxsi-alpha-v0.2
| release_2 =  
| release_2 = Naxsi-0.41
| release_3 =
| release_3 = Naxsi-0.42
| release_4 =
| release_4 = Naxsi-0.43
<!--- The line below is for GPC usage only. Please do not edit it --->
<!--- The line below is for GPC usage only. Please do not edit it --->

Revision as of 06:52, 7 February 2012

What does this OWASP project offer you?
What releases are available for this project?
what is this project?
Name: OWASP NAXSI Project (home page)
  • Naxsi (Nginx Anti Xss Sql Injection) is an open source, high performance, low rules maintenance, Web Application Firewall module for Nginx, the infamous web server and reverse-proxy.
  • Its goal is to help people securing their web applications against attacks like SQL Injections, Cross Site Scripting, Cross Site Request Forgery, Local & Remote file inclusions.
  • The difference with most WAF (Web Application Firewalls) out there is that it does not rely upon signatures to detect and block attacks. It uses a simpler model where, instead of trying to detect "known" attacks, it detects unexpected characters in the HTTP requests/arguments.
  • Each kind of unusual character will increase the score of the request. If the request reaches a score considered "too high", the request will be denied, and the user will be redirected to a "forbidden" page. Yes, it works somewhat like a spam system.
License: GPL 2.0
who is working on this project?
Project Leader(s):
Project Contributor(s):
  • Sebastien Blot
  • Antonin Le Faucheux
  • Didier Conchaudron
  • Sofian Brabez
how can you learn more?
Project Pamphlet: Not Yet Created
Project Presentation:
Mailing list: Mailing List Archives
Project Roadmap: View
Main links:
Key Contacts
current release
  1. REDIRECT Projects/OWASP NAXSI Project/Releases/Naxsi-alpha-v0.43
last reviewed release
Not Yet Reviewed

other releases