我了解naxsi,我有这样的日志:
NAXSI_FMT:ip = 10.90.36.111&server = mywebsite.com&uri = / d / p / f&vers = 0.56&total_processed = 76&total_blocked = 5&config = learning&cscore0 = $ SQL&score0 = 8&zone0 = ARGS | NAME&id0 = 1000&var_name1 = cat |&zone = brandselect,客户端:10.90.36.111,服务器:localhost,请求:“ GET / d / p / f?size = 0&catid = 3423856&aggsmaxprice = 4406000&catselect = 3423856&brandselect = philips&brand = philips HTTP / 1.1”,主机:“ mywebsite.com”,引荐来源网址:“ https://mywebsite.com/jual-aksesori-mobil/3423856/philips”
我仍然使用默认的主要规则
rx:选择|联盟|更新|删除|插入|表|从| ascii |十六进制| unhex |删除” “ msg:sql关键字”“ mz:BODY | URL | ARGS | $ HEADERS_VAR:Cookie”“ s:$ SQL:4” id:1000;
我已经制定了此规则:
BasicRule wl:1000“ mz:$ ARGS_VAR:catselect | $ URL:/ d / p / f”;
BasicRule wl:1000“ mz:$ ARGS_VAR:brandselect | $ URL:/ d / p / f”;
知道为什么此白名单不起作用吗?