Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
18.7 Legacy Series
»
Nginx Plugin :: WAF
« previous
next »
Print
Pages: [
1
]
Author
Topic: Nginx Plugin :: WAF (Read 3123 times)
ccesario
Jr. Member
Posts: 83
Karma: 1
Nginx Plugin :: WAF
«
on:
November 23, 2018, 04:04:52 pm »
Hi folks,
Could someone guide me with Nginx + WAF plugin!!?
Is it mandatory specify the Custom Security Policy in Location config when using Enable Security Rules option? (WAF). Im asking because the WAF rules only works when I specified Custom Security Policy, according attached image.
Best regards
Carlos
Logged
fabian
Hero Member
Posts: 2769
Karma: 200
OPNsense Contributor (Language, VPN, Proxy, etc.)
Re: Nginx Plugin :: WAF
«
Reply #1 on:
November 23, 2018, 06:44:01 pm »
This are the rules which are enabled. If you don't add any rules, there is nothing to match except the findings libinjection (configured above) which I would not rely on. OPNsense has no internal rules except those which come via libinjection which have their own setting.
The reason for the name is that You can define this security policies by yourself (but they are commonly imported from GitHub).
Logged
ccesario
Jr. Member
Posts: 83
Karma: 1
Re: Nginx Plugin :: WAF
«
Reply #2 on:
November 23, 2018, 07:00:47 pm »
Hi @Fabian,
Thank you by your explanation. I thought that thi it was optional .. as a plus rules... I thought that OPNsense had built in rules.
Thank you
Carlos
Logged
fabian
Hero Member
Posts: 2769
Karma: 200
OPNsense Contributor (Language, VPN, Proxy, etc.)
Re: Nginx Plugin :: WAF
«
Reply #3 on:
November 23, 2018, 08:05:49 pm »
No that would create some unexpected behaviour (blocked requests for unexpected reasons).
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
18.7 Legacy Series
»
Nginx Plugin :: WAF