NAXSI, an Nginx Web Application Firewall


A real-time protection against attacks

NAXSI is a web application firewall, a solution securing the incoming traffic on your website. It protects against most common attacks on the web, including for instance Cross-Site Scripting (XSS) or SQL injections (SQLi).
Installed on the infrastructure of your website, it spots malicious behaviors and blocks attacks in real time.

A customized protection for your website

NAXSI is different from other firewalls because it uses a “white list” approach. Rather than blocking the attacks it knows, and accepting the rest of the flow, it blocks all flows by default and only accepts the ones it knows are legitimate. Thus, your website is protected even against new and emerging attacks.

The white list of authorized flows is created thanks to a learning module, assisted by a human. Each website thus has its own white list! This customization provides a personalized, thus more efficient, protection of your websites.

NAXSI, an Open Source security tool

NAXSI has originally been created for the protection of our clients, and has been registered under Free License since it was published.

This tool is constantly evolving thanks to the intensive watch of our security team, but also to the contribution of the community. Feel free to send us your feedback through the survey on the ptoject’s Github page!

[NAXSI’s Github]


NAXSI, your peace of mind

Module of the famous Reverse Proxy NGINX

No performance loss

No update necessary

Well-known as an OWASP project