gixy

Analyze nginx configuration (default path: /etc/nginx/nginx.conf)

$ gixy

$ gixy --skips [http_splitting]

$ gixy [-l|-ll|-lll]

$ gixy [path/to/configuration_file_1] [path/to/configuration_file_2]

gixy /path/to/nginx.conf

/path/to/nginx.conf
    Path to the Nginx configuration file to analyze.

Gixy is a tool to analyze NGINX configuration files. Its main goal is to prevent security misconfiguration and automate error detection.
Gixy can detect a variety of security issues, including: Use of dangerous functions like 'eval', Buffer overflows, Code injection, HTTP Parameter Pollution, and Denial-of-Service attacks.
Gixy parses the Nginx config file and uses a set of rules to identify potential issues. It provides a user-friendly output, showing the location of the problem in the config file, a description of the problem, and recommended solutions.
It is designed for ease of use and can be integrated into continuous integration and continuous delivery pipelines to ensure secure Nginx configurations. The rules are updated regularly to keep up with the latest security threats and best practices. Gixy is a valuable tool for anyone who manages Nginx servers.

Gixy outputs a report detailing any found issues. The output usually includes the severity of the issue, the file and line number where the issue was found, a description of the issue, and potential solutions. The output is designed to be human-readable and easily integrated into automated workflows.

Gixy's rule set is continuously updated. The rules cover a wide range of potential Nginx security issues, including common misconfigurations, vulnerabilities, and best practices. The rules are written in Python and can be easily extended or customized to meet specific needs.

Gixy was developed by Yandex Security Team. It was designed to automate the process of reviewing Nginx configurations for security vulnerabilities and best practices. It is widely used within the company and has been released as an open-source tool to benefit the broader Nginx community.

nginx(8)