Nginx - Download Naxsi WAF policy failed

Started by Loïc_bzh, September 18, 2025, 12:16:17 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
September 18, 2025, 12:16:17 PM Last Edit: September 18, 2025, 11:11:32 PM by Loïc_bzh
Hello,

I would like to implement a WAF with Nginx, but when I click on "Download" to import the NAXSI core rules on "HTTP's=> Naxsi WAF policy" tab, nothing happens and after a few seconds, I get this error from the crash reporter of OPNsense :

Code Select
PHP Fatal error:  Allowed memory size of 8589934592 bytes exhausted (tried to allocate 8579452928 bytes) in /usr/local/opnsense/scripts/nginx/naxsi_rule_download.php on line 172
For the above error, the memory_limit from /usr/local/opnsense/service/templates/OPNsense/WebGui/php.ini was set to 8G. I had the same error with the original limit set to 1G.

System info:
FreeBSD 14.3-RELEASE-p2 stable/25.7-n271676-ab2281de1853 SMP amd64
OPNsense 25.7.3_7 13101bd9a
Plugins os-acme-client-4.10 os-adguardhome-maxit-1.15 os-ddclient-1.27_4 os-nginx-1.35
OpenSSL 3.0.17
Python 3.11.13
PHP 8.3.25

Thank you for your help.
September 24, 2025, 12:06:28 AM #1
I have also come across this error. The behaviour is exactly as described by OP. This is a fresh installation in a VM.

Code Select
PHP Fatal error:  Allowed memory size of 1073741824 bytes exhausted (tried to allocate 1063260160 bytes) in /usr/local/opnsense/scripts/nginx/naxsi_rule_download.php on line 172
After some googling, I also tried setting the memory_limit to a higher value. The only effect this had was to raise the byte counts.

Code Select
PHP Fatal error:  Allowed memory size of 4294967296 bytes exhausted (tried to allocate 4284485632 bytes) in /usr/local/opnsense/scripts/nginx/naxsi_rule_download.php on line 172
Advice, help, or a gentle nudge in the right direction would be much appreciated, as I'm on a deadline to get this implemented.

sysinfo:
FreeBSD 14.3-RELEASE-p2 stable/25.7-n271676-ab2281de1853 SMP amd64
OPNsense 25.7.3_7 13101bd9a
Plugins os-net-snmp-1.6 os-nginx-1.35 os-vmware-1.5_1
OpenSSL 3.0.17
Python 3.11.13
PHP 8.3.25

Thanks.
September 24, 2025, 04:08:07 AM #2
I have opened a bug report on GitHub for this issue, which includes a little more information as to the nature of the bug.
https://github.com/opnsense/plugins/issues/4953
September 26, 2025, 10:56:53 AM #3
Quote from: ethanvos on September 24, 2025, 04:08:07 AMI have opened a bug report on GitHub for this issue, which includes a little more information as to the nature of the bug.
https://github.com/opnsense/plugins/issues/4953

Thank you! I was going to open the ticket this morning, but you were quicker. :)
Print
Go Up Pages1
User actions