开源web应用防火墙 - Naxsi

Naxsi是一个开放源代码、高效、低维护规则的Nginx web应用防火墙模块。Naxsi的主要目标是帮助人们加固他们的web应用程序，以抵御SQL注入、跨站脚本、跨域伪造请求、本地和远程文件包含漏洞。

 

目前，Naxsi更新至0.41版，主要改变如下：

    * Feature: added support for FILE_EXT. We can now control file uploads names/extensions as well.

    * Added a rule for FILE_EXT into naxsi_core.rules

    * Added unit testing for FILE_EXT feature

    * Fixed erroneous log messages

    * Fixed an error on whitelist of types $URL:xxx|URL

 

工具下载：http://code.google.com/p/naxsi/downloads/list