Question

我试图通过使用Naxsi来保护我的Nginx服务器但是当我尝试重新启动Nginx时出现此错误：

Restarting nginx: nginx: [emerg] "LearningMode" directive is not allowed here in /etc/nginx/naxsi.rules:4
nginx: configuration file /etc/nginx/nginx.conf test failed

这是我的nginx.conf文件

user www-data;
worker_processes 4;
pid /var/run/nginx.pid;

events {
   worker_connections 768;
}

http {
   sendfile              on;

   tcp_nopush            on;
   tcp_nodelay           on;

   keepalive_timeout     65;
   types_hash_max_size   2048;

   include               /etc/nginx/mime.types;
   default_type          application/octet-stream;

   access_log            /var/log/nginx/access.log;
   error_log             /var/log/nginx/error.log;

   gzip                  on;
   gzip_disable          "msie6";
   gzip_types            text/plain
                         text/css
                         application/json
                         application/x-javascript
                         text/xml
                         application/xml
                         application/xml+rss
                         text/javascript;

   include               /etc/nginx/naxsi_core.rules;
   include               /etc/nginx/conf.d/*.conf;
   include               /etc/nginx/sites-enabled/*;
}

naxsi_core.rules是具有默认naxsi规则的文件。 conf.d为空，因此没有任何规则被排除在sites-enabled内是我的默认服务器配置文件：

server {
 listen            8090;
 server_name       example.com;
 root              /home/test/unicorn/public;
 include           /etc/nginx/naxsi.rules;
}

我在这里包括naxsi.rules这是默认的naxsi规则文件：

LearningMode;
SecRulesEnabled;
#SecRulesDisabled;
DeniedUrl "/RequestDenied";

## check rules
CheckRule "$SQL >= 8" BLOCK;
CheckRule "$RFI >= 8" BLOCK;
CheckRule "$TRAVERSAL >= 4" BLOCK;
CheckRule "$EVADE >= 4" BLOCK;
CheckRule "$XSS >= 8" BLOCK;

Answer 1

您的文件＆＃34; naxsi.rules＆＃34;不包含在右侧块中。

您需要将其移至位置栏：

location / {
      include /etc/nginx/naxsi.rules;
}

为什么Nginx在包含Naxsi规则时会返回错误？

1 个答案: