Spike

A cool web interface for naxsi

View project on GitHub

Spike! - Naxsi Rules Builder

Code Health Codacy Badge Scrutinizer Code Quality

Spike is a simple web application to manage naxsi rules. Rules are stored in a sqlite database, and can be added, deleted, modified, searched, importable and exportable in plain-text.

This software was initially created to help with keeping the Doxi rulesets up-to-date. It was created with love by the people of mare system in 2011, maintained by 8ack, and now, it's being adopted by the naxsi project.

It's proudly powered by flask and sqlalchemy.

You can take a look here for a live (legacy) version.

WARNING

Spike ist still very early alpha.

NEVER run Spike! on a public facing Server; there's absolutely no protection or user-login atm; exposing Spike! to the public could lead into damaged or deleted rules

Really

Spike Installation and Setup

Requirements

To run, spike needs:

  • python2.7
  • sqlalchemy
  • flask
  • python-sqlite

Setup

git clone https://github.com/spike
pip install flask
pip install flask-bootstrap
pip install flask-sqlalchemy
pip install flask-wtf
pip install markdown
python ./spike-server.py run

Configuration

Check the config.cfg file:

  • APP_PORT -> the port the spike-server listens on (defaults to 5555)
  • APP_HOST -> the ip to bind to (defaults to 127.0.0.1)
  • RULESET_HEADER -> the header that get written to each ruleset.rules; you might use some placeholders:
    • RULESET_DESC -> value from DESC
    • RULESET_FILE -> ruleset_filename
    • RULESET_DATE -> export-date

Putting Spike behind Nginx

server {
    server_tokens off;
    listen 443 ssl;
    server_name spike.nginx-goodies.com  ;

    proxy_set_header    X-Forwarded-For   $proxy_add_x_forwarded_for;
    proxy_set_header    X-Real-IP         $remote_addr;
    proxy_set_header    Host              $host;
    proxy_set_header    X-Forwarded-Proto $scheme;

    access_log  /var/log/nginx/spike.access.log; 
    error_log  /var/log/nginx/error.log;

    root /var//www/spike;

    location  /static {
        autoindex off;
        expires 1d;
    }

    location / {
        proxy_cache off;
        proxy_redirect off;
        proxy_pass http://127.0.0.1:5555;
        expires off;
        include /etc/nginx/doxi-rules/active-mode.rules;
        include /etc/nginx/doxi-rules/local.rules;
        include /etc/nginx/doxi-rules/spike-wl.rules;
    }
}

# spike-wl.rules for naxsi (you're running naxsi on your nginx setup, right ?)

BasicRule wl:1100 "mz:$BODY_VAR:rmks";
BasicRule wl:1101 "mz:$BODY_VAR:rmks";

Screenshots

Rules creation Rules set management

Links