Since its 0.53 release, naxsi comes with a predefined set of internal rules with the following ids:

- 1 : “weird request” : This is a generic exception used for improperly formatted requests.
- 2 : “big request” : Request is too big and has been buffered to disk by nginx.
- 10 : “uncommon hex encoding” : Encoding suggests this might be an escape attempt.
- 11 : “uncommon content-type” : Content-type of BODY is unknown / cannot be parsed.
- 12 : “uncommon URL” : URL is malformed.
- 13 : “uncommon post format” : Malformed boundary or content-disposition.
- 14 : “uncommon post boundary” : BODY boundary line is malformed, or boundary breaks RFC.
- 15 : “invalid JSON” : Gets parsed when application/json is detected (experimental as of summer 2014).
- 16 : “empty body” : POST with empty BODY. Available since naxsi 0.53-1; was merged with id:11 before.
- 17 : “Libinjection SQL” : Libinjection SQL detection was triggered.
- 18 : “Libinjection XSS” : Libinjection XSS detection was triggered.

Naxsi ships with a basic core-rule-set that protects against common attacks. Those Core-Rules should always be loaded.