github
/
gixy
mirror of https://github.com/yandex/gixy
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
NGINX 配置分析工具
33 Commits
5 Branches
10 Tags
955 KiB
Python 98.8%
Jinja 1.1%
 
 
Go to file
Andrew Krasichkov acf5039863 Added makefile 2017-04-16 21:57:26 +03:00
docs Added logo 2017-04-10 11:22:43 +03:00
gixy Version up to 0.1.0 2017-04-08 09:38:37 +03:00
tests [tests] test nested block in add_header_redefinition plugin (#10) 2017-04-11 18:18:51 +03:00
.gitignore Initial commit 2017-03-31 01:12:44 +03:00
.travis.yml TravisCI (#9) 2017-04-08 09:12:23 +03:00
AUTHORS Initial commit 2017-03-31 01:12:44 +03:00
CONTRIBUTING.md Initial commit 2017-03-31 01:12:44 +03:00
LICENSE Initial commit 2017-03-31 01:12:44 +03:00
MANIFEST.in Initial commit 2017-03-31 01:12:44 +03:00
Makefile Added makefile 2017-04-16 21:57:26 +03:00
README.md Update README.md 2017-04-11 19:13:19 +03:00
requirements.dev.pip Initial commit 2017-03-31 01:12:44 +03:00
requirements.pip Initial commit 2017-03-31 01:12:44 +03:00
setup.py Minor improvements 2017-04-08 09:38:22 +03:00
tox.ini Initial commit 2017-03-31 01:12:44 +03:00

README.md

GIXY

Mozilla Public License 2.0 Build Status Your feedback is greatly appreciated GitHub issues GitHub pull requests

Overview

Gixy is a tool for Nginx configuration analyzing. The main goal of Gixy is to prevent misconfiguration and automate flaw detection.

Currently supported Python versions is 2.7 and 3.5+.

Disclaimer: Gixy is well tested only on GNU/Linux, in other OS may have some issues.

Installation

Gixy is distributed on PyPI. The best way to install it is with pip:

pip install gixy

Run Gixy and check results:

gixy

Usage

By default Gixy will try to analyze Nginx configuration placed in /etc/nginx/nginx.conf.

But you always can specify needed path:

$ gixy /etc/nginx/nginx.conf

==================== Results ===================

Problem: [http_splitting] Possible HTTP-Splitting vulnerability.
Description: Using variables that can contain "\n" may lead to http injection.
Additional info: https://github.com/yandex/gixy/blob/master/docs/ru/plugins/httpsplitting.md
Reason: At least variable "$action" can contain "\n"
Pseudo config:
include /etc/nginx/sites/default.conf;

	server {

		location ~ /v1/((?<action>[^.]*)\.json)?$ {
			add_header X-Action $action;
		}
	}


==================== Summary ===================
Total issues:
    Unspecified: 0
    Low: 0
    Medium: 0
    High: 1

Or skip some tests:

$ gixy --skips http_splitting /etc/nginx/nginx.conf

==================== Results ===================
No issues found.

==================== Summary ===================
Total issues:
    Unspecified: 0
    Low: 0
    Medium: 0
    High: 0

Or something else, you can find all other gixy arguments with the help command: gixy --help

Documentation

Full documentation and recommendations can be found here (sorry, but Russian language only so far)

Contributing

Contributions to Gixy are always welcome! You can help us in different ways:

  • Open an issue with suggestions for improvements and errors you're facing;
  • Fork this repository and submit a pull request;
  • Improve the documentation.

Code guidelines:

  • Python code style should follow pep8 standards whenever possible;
  • Pull requests with new plugins must contain unit tests for it.