Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Incorrect line MainRule rx (regex) #115

Open
ajgomez23 opened this issue Dec 5, 2023 · 7 comments
Open

Incorrect line MainRule rx (regex) #115

ajgomez23 opened this issue Dec 5, 2023 · 7 comments

Comments

@ajgomez23
Copy link

ajgomez23 commented Dec 5, 2023
edited by wargio
Loading

Hi, I’m encountering an error when I try to start Nginx. The error message indicates that there’s an incorrect line in naxsi_core.rules. Could this be a compatibility issue?

Here’s the error message I’m seeing:

nginx: [emerg] Naxsi-Config : Incorrect line MainRule rx:select|union|update|delete|insert|table|from|ascii|hex|unhex|drop|load_file|substr|group_concat|dumpfile (/etc/naxsi/naxsi_src//naxsi_skeleton.c/973)... in /etc/nginx/naxsi_core.rules:23

I’m currently using Nginx version 1.22.1.
@wargio
Copy link
Owner

wargio commented Dec 6, 2023
edited
Loading

sounds like you are using an old version of naxsi which has whatever patch the distro maintainers implemented to make it compile with pcre.

Did you build it from sources?

@wargio wargio changed the title Incorrect Line Incorrect line MainRule rx (regex) Dec 6, 2023
@ajgomez23
Copy link
Author

Thanks, yes i was using an old version of naxsi, i will try implement a new naxsi version

@wargio
Copy link
Owner

wargio commented Dec 6, 2023

Thanks, yes i was using an old version of naxsi, i will try implement a new naxsi version

Either use the compiled binaries in the release or just use the release naxsi-x.y-src-with-deps.tar.gz. avoid using the github tarballs/zips because they will not contain all the submodules.

For the latest release, please see: https://github.com/wargio/naxsi/releases

@AhsanZahid2001
Copy link

I'm also facing a similar issue. I am using the mentioned release (naxsi-x.y-src-with-deps.tar.gz), and am running NAXSI version 1.6, and NGINX version 1.24.

I started facing this issue when I tried upgrading from NAXSI 1.4 to 1.6. I already tried using version 1.5 and it's the same error.

This is the error that I'm getting

nginx: [emerg] Naxsi-Config : Incorrect line BasicRule wl:1310,1311 (naxsi_skeleton.c:723)... in /etc/nginx-conf/global/naxsi-wp-whitelist.rules:155

@wargio
Copy link
Owner

wargio commented Dec 7, 2023
edited
Loading

Now it is working properly and you have a new error.

From the log, sounds like you have a bad rule in /etc/nginx-conf/global/naxsi-wp-whitelist.rules at line 155

Can you paste here that line?

@AhsanZahid2001
Copy link 

    BasicRule wl:1310,1311 
     "mz:$URL_X:^/([\w-]+/)?|$BODY_VAR_X:^some_field_[\w\d-%\[\]]+|NAME";

    BasicRule wl:1310,1311 "mz:$BODY_VAR_X:^some_field_[\w\d-%\[\]]+|NAME";

    BasicRule wl:1310,1311 
    "mz:$URL_X:^/some-path/some-other/[\w-\/]+|$ARGS_VAR_X:^(_)?fields[%5BD\[\d\]]+|NAME";

    BasicRule wl:1310,1311 
     "mz:$URL_X:^/some-path/some-further/[\w-\/]+|$ARGS_VAR_X:^status[%5BD\[\d\]]+|NAME";
 
    BasicRule wl:1310,1311 
    "mz:$URL_X:^/some-path/some-other-path/[\w-\/]+|$ARGS_VAR_X:^some_path[%5BD\[\d\]]+|NAME";

These are the rules which are erroring out.

@wargio
Copy link
Owner

wargio commented Dec 8, 2023

I would strongly suggest to check those regexes on a website like https://regex101.com/
if i have to guess, maybe the % might be problematic, same for not escaping [ and ]

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@wargio @AhsanZahid2001 @ajgomez23