NAXSI means Nginx Anti XSS & SQL Injection. Technically, it is a third-party nginx module, available as a package for many UNIX-like platforms. By default, this module reads a small set of simple rules (naxsi_core.rules) covering 99% of the known patterns involved in website vulnerabilities. For example, ‘<’, ‘|’ or ‘drop’ are not supposed to be part of a URI.
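To make that rule model concrete, here is an added Python emulation (not NAXSI's code and not its real rule set): a few constructed rules flag ‘<’ and SQL keywords in the request path or query values, each match adds to a named score counter, and the request is blocked once a counter reaches its threshold, the same idea as NAXSI's rule scores and CheckRule directives. Rule ids, scores and thresholds are constructed for the illustration.

```python
from dataclasses import dataclass
from urllib.parse import urlsplit, parse_qsl

# Simplified emulation of NAXSI's model: a rule is a fixed string, the match
# zones it applies to (URL path, ARGS values) and the points it adds to named
# counters. Ids and scores are constructed, not taken from naxsi_core.rules.
@dataclass
class Rule:
    id: int
    pattern: str        # matched case-insensitively as a plain substring
    zones: frozenset    # subset of {"URL", "ARGS"}
    scores: dict        # e.g. {"$SQL": 4, "$XSS": 8}

RULES = [
    Rule(1001, "drop",   frozenset({"URL", "ARGS"}), {"$SQL": 4}),
    Rule(1002, "select", frozenset({"URL", "ARGS"}), {"$SQL": 4}),
    Rule(1003, "<",      frozenset({"URL", "ARGS"}), {"$XSS": 8}),
    Rule(1004, "|",      frozenset({"URL", "ARGS"}), {"$RFI": 8, "$SQL": 4}),
]

# Equivalent of CheckRule lines: block when a counter reaches its threshold.
THRESHOLDS = {"$SQL": 8, "$XSS": 8, "$RFI": 8}

def evaluate(uri):
    """Return (blocked, scores, matched_rule_ids) for a request URI."""
    parts = urlsplit(uri)
    zones = {
        "URL": [parts.path],
        "ARGS": [v for _, v in parse_qsl(parts.query, keep_blank_values=True)],
    }
    scores, matched = {}, []
    for rule in RULES:
        for zone in rule.zones:
            if any(rule.pattern in value.lower() for value in zones[zone]):
                matched.append(rule.id)
                for counter, points in rule.scores.items():
                    scores[counter] = scores.get(counter, 0) + points
                break  # a rule counts once per request, whichever zone hit
    blocked = any(scores.get(c, 0) >= t for c, t in THRESHOLDS.items())
    return blocked, scores, matched

if __name__ == "__main__":
    for sample in ("/index.php?q=hello", "/search?q=<b>hi</b>", "/dropdown?x=1"):
        print(sample, "->", evaluate(sample))
```

The ‘/dropdown’ sample shows the flip side of simple substring rules: an innocent path adds to the $SQL counter, which is the kind of false positive NAXSI's whitelists exist to handle.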
I have wanted to test NAXSI for a while, and it seems to work not so badly. I’ve written documentation for basic usage (no whitelist or learning mode yet). In the doc, I talk about reporting, integration with fail2ban, and how to use it on a current installation or from scratch.