Skip to content
This repository has been archived by the owner on Feb 3, 2020. It is now read-only.
/ spike Public archive

A cool web interface to manage rules for naxsi

Notifications You must be signed in to change notification settings

nbs-system/spike

Repository files navigation

Spike! - Naxsi Rules Builder

Code Health Codacy Badge Scrutinizer Code Quality Coverage Status Build Status

Spike is a simple web application to manage naxsi rules. Rules are stored in a sqlite database, and can be added, deleted, modified, searched, importable and exportable in plain-text.

This software was initially created to help with keeping the Doxi rulesets up-to-date. It was created with love by the people of mare system in 2011, maintained by 8ack, and now, it's being adopted by the naxsi project.

It runs on modern version of Python, and is proudly powered by flask and sqlalchemy.

You can take a look here for a live (legacy) version.

WARNING

Spike ist still very early alpha.

NEVER run Spike! on a public facing Server; there's absolutely no protection or user-login atm; exposing Spike! to the public could lead into damaged or deleted rules

Really

Spike Installation and Setup

Requirements

To run, spike needs:

  • python
  • python-sqlite
  • sqlalchemy
  • markdown
  • flask
  • flask-bootstrap
  • flask-sqlalchemy

You can also install the following optional dependencies:

  • python-pcre for regexp validation

Setup

git clone https://github.com/nbs-system/spike
pip install -r requirements.txt
python ./spike-server.py init
python ./spike-server.py run

Configuration

Check the config.cfg file:

  • APP_PORT: the port the spike-server listens on (defaults to 5555)
  • APP_HOST: the ip to bind to (defaults to 127.0.0.1)
  • RULESET_HEADER: the header that get written to each ruleset.rules; you might use some placeholders:
    • RULESET_DESC: value from DESC
    • RULESET_FILE: ruleset_filename
    • RULESET_DATE: export-date

Putting Spike behind Nginx

server {
    server_tokens off;
    listen 443 ssl;
    server_name spike.nginx-goodies.com  ;
    
    proxy_set_header    X-Forwarded-For   $proxy_add_x_forwarded_for;
    proxy_set_header    X-Real-IP         $remote_addr;
    proxy_set_header    Host              $host;
    proxy_set_header    X-Forwarded-Proto $scheme;
    
    access_log  /var/log/nginx/spike.access.log; 
    error_log  /var/log/nginx/error.log;
    
    root /var//www/spike;
    
    location  /static {
        autoindex off;
        expires 1d;
    }
    
    location / {
        proxy_cache off;
        proxy_redirect off;
        proxy_pass http://127.0.0.1:5555;
        expires off;
        include /etc/nginx/doxi-rules/active-mode.rules;
        include /etc/nginx/doxi-rules/local.rules;
        include /etc/nginx/doxi-rules/spike-wl.rules;
    }
}

# spike-wl.rules for naxsi (you're running naxsi on your nginx setup, right ?)

BasicRule wl:1100 "mz:$BODY_VAR:rmks";
BasicRule wl:1101 "mz:$BODY_VAR:rmks";

Screenshots

Rules creation Rules set management

Links

About

A cool web interface to manage rules for naxsi

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published