New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
I think its pretty simple, use it in the past
based on http://habrahabr.ru/company/centosadmin/blog/255343/
https://www.proteansec.com/application-security/naxsi/
I don't think people use naxsi nowday, specially when you running latest WP.
Hmm, not sure really, this all is pretty new to me. What do you think people use these days?
Naxsi only for preventing xss/sql injection if i recall correctly, if you always update latest WP and use safe plugins you don't really need naxsi.
Its all about the WordPress right?
Hmm, I get that but I'd sleep better if I knew I had at least some holes plugged. I don't trust application to take care of itself really, yhat would be some seriously lazy sysadmining.
Some good thinking case; naxsi "not working" properly because your WP/applications is not vulnerable
@Pentago
If you want something beyond NAXSI, you can use modsecurity for NGINX
It works fine, but a bit hard to package, so I just build and run from a docker container.
@ALinuxNinja are you saying that modsecurity is more advanced/robust solution?
Yes.