fix: add explicit .md to all docs links

Seems that now Github does not anymore resolve [link](link) to (link.md) in web file viewer.

docs/checkrules-bnf.md

@@ -1,6 +1,6 @@
 # Checkrules
 
-CheckRules instruct naxsi to take an action (`LOG`, `BLOCK`, `DROP`, `ALLOW`) based on a specific score associated to the request. This _score_ has usually been set by one or several [rule(s)](rules-bnf).
+CheckRules instruct naxsi to take an action (`LOG`, `BLOCK`, `DROP`, `ALLOW`) based on a specific score associated to the request. This _score_ has usually been set by one or several [rule(s)](rules-bnf.md).
 
 `CheckRule` must be present at location level.
 
@@ -19,7 +19,7 @@ If the `$SQL` is equal or superior to '8', apply BLOCK flag to the request. Requ
 ### Other Usages
 
 `CheckRule(s)` can as well be used to mix white and black-lists.
-Having a configuration mixing virtual-patching (see [rules](rules-bnf)) and `naxsi_core.rules`, it is possible to have :
+Having a configuration mixing virtual-patching (see [rules](rules-bnf.md)) and `naxsi_core.rules`, it is possible to have :
 
 ```
 CheckRule "$UWA >= 4" DROP;

docs/directives.md

@@ -43,7 +43,7 @@ LearningMode;
 ```
 
 Keep in mind that internal rules (those with an `id` inferior to 1000) will drop the request even in learning mode, because it means that something fishy is going on, since naxsi can't correctly process the request.
-You can of course apply [whitelist](whitelists-bnf) if those are false-positives.
+You can of course apply [whitelist](whitelists-bnf.md) if those are false-positives.
 
 ## SecRulesEnabled
  * alias: rules_enabled
@@ -61,36 +61,36 @@ You can of course apply [whitelist](whitelists-bnf) if those are false-positives
  * alias: check_rule
  * context: location
 
-See [CheckRule](checkrules-bnf)
+See [CheckRule](checkrules-bnf.md)
 
 ## BasicRule
  * alias: basic_rule
  * context: location
 
-A directive used to declare a [rule](rules-bnf) or a [whitelist](whitelist-bnf).
+A directive used to declare a [rule](rules-bnf.md) or a [whitelist](whitelist-bnf.md).
 
 ## MainRule
  * alias: main_rule
  * context: http
 
-A directive used to declare a [rule](rule-bnf) or a [whitelist](whitelist-bnf).
+A directive used to declare a [rule](rule-bnf.md) or a [whitelist](whitelist-bnf.md).
 
 ## LibInjectionXss
  * alias: libinjection_xss
  * context: location
 
-A directive to enable [libinjection's xss detection](libinjection-integration) on *all* part of the http request.
+A directive to enable [libinjection's xss detection](libinjection-integration.md) on *all* part of the http request.
 
 ## LibInjectionSql
  * alias: libinjection_sql
  * context: location
 
-A directive to enable [libinjection's sqli detection](libinjection-integration) on *all* part of the http request.
+A directive to enable [libinjection's sqli detection](libinjection-integration.md) on *all* part of the http request.
 
 ## naxsi_extensive_log
  * context: server
 
-A flag that can be set at [runtime](runtime-modifiers) to enable [naxsi extensive logs](naxsilogs#naxsi_exlog).
+A flag that can be set at [runtime](runtime-modifiers.md) to enable [naxsi extensive logs](naxsilogs.md#naxsi_exlog).
 
 ```
 server {
@@ -123,7 +123,7 @@ TODO DOCUMENTATION
 ## naxsi_flag_enable
  * context: server
 
-A flag that can be set at [runtime](runtime-modifiers) to enable or disable naxsi.
+A flag that can be set at [runtime](runtime-modifiers.md) to enable or disable naxsi.
 
 ```
 server {
@@ -137,7 +137,7 @@ server {
 ## naxsi_flag_learning
  * context: server
 
-A flag that can be set at [runtime](runtime-modifiers) to enable or disable learning.
+A flag that can be set at [runtime](runtime-modifiers.md) to enable or disable learning.
 
 ```
 server {
@@ -151,7 +151,7 @@ server {
 ## naxsi_flag_libinjection_sql
  * context: server
 
-A flag that can be set at [runtime](runtime-modifiers) to enable or disable [libinjection's sql detection](libinjection-integration)
+A flag that can be set at [runtime](runtime-modifiers.md) to enable or disable [libinjection's sql detection](libinjection-integration.md)
 
 ```
 server {
@@ -164,7 +164,7 @@ server {
 
 ## naxsi_flag_libinjection_xss
 
-A flag that can be set at [runtime](runtime-modifiers) to enable or disable [libinjection's xss detection](libinjection-integration)
+A flag that can be set at [runtime](runtime-modifiers.md) to enable or disable [libinjection's xss detection](libinjection-integration.md)
 
 ```
 server {

docs/index.md

@@ -1,37 +1,37 @@
 1. Introduction
-   - [x] [README](../README)
+   - [x] [README](../README.md)
 1. Setup
-   - [x] [compiling nginx+naxsi](naxsi-compile)
-   - [x] [Basic nginx/naxsi configuration](naxsi-setup)
+   - [x] [compiling nginx+naxsi](naxsi-compile.md)
+   - [x] [Basic nginx/naxsi configuration](naxsi-setup.md)
 1. Naxsi Configuration Directives
-   - [x] [whitelists](whitelists-bnf)
-   - [x] [rules](rules-bnf)
-   - [x] [checkrules](checkrules-bnf)
-   - [x] [requestdenied](requestdenied-bnf)
-   - [x] [naxsi directives index](directives)
-   - [x] [zoom : matchzones](matchzones-bnf)
+   - [x] [whitelists](whitelists-bnf.md)
+   - [x] [rules](rules-bnf.md)
+   - [x] [checkrules](checkrules-bnf.md)
+   - [x] [requestdenied](requestdenied-bnf.md)
+   - [x] [naxsi directives index](directives.md)
+   - [x] [zoom : matchzones](matchzones-bnf.md)
 1. Naxsi Extras
-   - [x] [Raw Body Parsing](rawbody)
-   - [x] [libinjection integration](libinjection-integration)
-   - [x] [json support](json)
-   - [x] [runtime modifiers](runtime-modifiers)
+   - [x] [Raw Body Parsing](rawbody.md)
+   - [x] [libinjection integration](libinjection-integration.md)
+   - [x] [json support](json.md)
+   - [x] [runtime modifiers](runtime-modifiers.md)
 1. Examples
-   - [x] [whitelists examples](whitelists-examples)
-   - [x] [rules examples](rules-examples)
+   - [x] [whitelists examples](whitelists-examples.md)
+   - [x] [rules examples](rules-examples.md)
 1. Going deeper
-   - [x] [Understanding naxsi logs](naxsilogs)
-   - [x] [Runtime Modifiers](runtime-modifiers)
-   - [x] [Naxsi internal rules](internal-rules)
-   - [x] [Contributing to naxsi](Contributing)
-   - [x] [Vulnerability management](olds-Security-Advisories)
+   - [x] [Understanding naxsi logs](naxsilogs.md)
+   - [x] [Runtime Modifiers](runtime-modifiers.md)
+   - [x] [Naxsi internal rules](internal-rules.md)
+   - [x] [Contributing to naxsi](Contributing.md)
+   - [x] [Vulnerability management](olds-Security-Advisories.md)
 1. Integration
-   - [x] [Fail2Ban integration](integration-fail2ban)
-   - [x] [AppArmor profile for naxsi](integration-apparmor)
+   - [x] [Fail2Ban integration](integration-fail2ban.md)
+   - [x] [AppArmor profile for naxsi](integration-apparmor.md)
 1. Naxsi rules mamagement
-   - [x] [installing nxapi](https://github.com/nbs-system/naxsi/tree/master/nxapi)
-   - [x] [nxapi/nxtool](https://github.com/nbs-system/naxsi/tree/master/nxapi)
-   - [x] [spike](http://github.com/nbs-system/spike)
+   - [x] [installing nxapi](https://github.com/nbs-system/naxsi/tree/master/nxapi.md)
+   - [x] [nxapi/nxtool](https://github.com/nbs-system/naxsi/tree/master/nxapi.md)
+   - [x] [spike](http://github.com/nbs-system/spike.md)
    - [ ] ES/Kibana
 1. Legacy wiki
-   - [LEGACY WIKI](legacy)
-   - [Old FAQ](olds-faq)
+   - [LEGACY WIKI](legacy.md)
+   - [Old FAQ](olds-faq.md)

docs/internal-rules.md

@@ -87,13 +87,13 @@ Raised when body is empty and/or content-length is zero.
  * id: 17
  * action: ??
 
-See [libinjection](libinjection-integration).
+See [libinjection](libinjection-integration.md).
 
 ## libinjection_xss
  * id: 18
  * action: ??
 
-See [libinjection](libinjection-integration).
+See [libinjection](libinjection-integration.md).
 
 ## no_rules
  * id: 19

docs/json.md

@@ -6,7 +6,7 @@ POST/PUT request with content-type `application/json` will be handled by naxsi s
  * whitelists (or rules) for specific variable use the classic `$BODY_VAR:xx`
 
 
-However for JSON, naxsi does not keep track of depth, and has [a hardcoded limit of 10 (depth)](internal-rules#invalid_json).
+However for JSON, naxsi does not keep track of depth, and has [a hardcoded limit of 10 (depth)](internal-rules.md#invalid_json).
 
 A request :
 ```

docs/legacy.md

@@ -9,21 +9,21 @@ please notify us via issues or help us moving it to current wiki.
 
 
 
-  * [fail2ban](olds-A-fail2ban-profile-for-Naxsi)
-  * [naxsilogs](olds-naxsilogs)
-  * [naxsivsobfuscated](olds-naxsivsobfuscated)
-  * [deniedurl](olds-deniedurl)
-  * [Knownbugs](olds-Knownbugs)
-  * [rulessyntax](olds-rulessyntax)
-  * [whitelists](olds-whitelists)
-  * [basicsetup](olds-basicsetup)
-  * [Security-Advisories](olds-Security-Advisories)
-  * [libinjection](olds-libinjection)
-  * [dynamicmodifiers](olds-dynamicmodifiers)
-  * [installation](olds-installation)
-  * [Philosophy](olds-Philosophy)
-  * [faq](olds-faq)
-  * [Home](olds-Home)
-  * [naxsivsappscan](olds-naxsivsappscan)
-  * [embedded_rules](olds-embedded_rules)
-  * [testing-and-stuff](olds-testing-and-stuff)
+  * [fail2ban](olds-A-fail2ban-profile-for-Naxsi.md)
+  * [naxsilogs](olds-naxsilogs.md)
+  * [naxsivsobfuscated](olds-naxsivsobfuscated.md)
+  * [deniedurl](olds-deniedurl.md)
+  * [Knownbugs](olds-Knownbugs.md)
+  * [rulessyntax](olds-rulessyntax.md)
+  * [whitelists](olds-whitelists.md)
+  * [basicsetup](olds-basicsetup.md)
+  * [Security-Advisories](olds-Security-Advisories.md)
+  * [libinjection](olds-libinjection.md)
+  * [dynamicmodifiers](olds-dynamicmodifiers.md)
+  * [installation](olds-installation.md)
+  * [Philosophy](olds-Philosophy.md)
+  * [faq](olds-faq.md)
+  * [Home](olds-Home.md)
+  * [naxsivsappscan](olds-naxsivsappscan.md)
+  * [embedded_rules](olds-embedded_rules.md)
+  * [testing-and-stuff](olds-testing-and-stuff.md)

docs/libinjection-integration.md

@@ -6,7 +6,7 @@
 
 ### Generic Detection
 
-libinjection generic detection *must* be explicitely enabled using specific directives : [LibInjectionXss](directives#libinjectionxss) or [LibInjectionSql](directives#libinjectionsql). It can as well be enabled at runtime using [runtime modifiers](runtime-modifiers) : `naxsi_flag_libinjection_xss` and `naxsi_flag_libinjection_sql`.
+libinjection generic detection *must* be explicitely enabled using specific directives : [LibInjectionXss](directives.md#libinjectionxss) or [LibInjectionSql](directives.md#libinjectionsql). It can as well be enabled at runtime using [runtime modifiers](runtime-modifiers.md) : `naxsi_flag_libinjection_xss` and `naxsi_flag_libinjection_sql`.
 
  * Generic libinjection_xss rule has internal id 18 and increases named score `$LIBINJECTION_XSS` of 8 per match.
 
@@ -34,7 +34,7 @@ location / {
 }
 ```
 
-When generic detection is enabled, false positives can be whitelisted using id 17 ([libinjection_xss](internal-rules#libinjection_xss)) or 18 ([libinjection_sql](internal-rules#libinjection_sql)).
+When generic detection is enabled, false positives can be whitelisted using id 17 ([libinjection_xss](internal-rules.md#libinjection_xss)) or 18 ([libinjection_sql](internal-rules.md#libinjection_sql)).
 
 
 Using runtime modifiers, it might look like :

docs/naxsi-compile.md

@@ -165,7 +165,7 @@ server {
 }
 ```
 
-See [here](whitelists-bnf) and [here](whitelists-examples) for more informations about whitelists.
+See [here](whitelists-bnf.md) and [here](whitelists-examples.md) for more informations about whitelists.
 
 #### Blacklist
 

docs/naxsi-setup.md

@@ -5,13 +5,13 @@
 
   * **http {}** level : `include naxsi_core.rules`
   * **server {}** level : 
-    * [Dynamic modifiers](runtime-modifiers)
+    * [Dynamic modifiers](runtime-modifiers.md)
   * **location {}** level :
-    * [Enabled/Disabled directives](directives#secrulesenabled)
-    * [LearningMode-related directives](directives#learningmode)
-    * [Whitelists](whitelists-bnf)
-    * [CheckRules](checkrules-bnf)
-    * [RequestDenied](requestdenied-bnf)
+    * [Enabled/Disabled directives](directives.md#secrulesenabled)
+    * [LearningMode-related directives](directives.md#learningmode)
+    * [Whitelists](whitelists-bnf.md)
+    * [CheckRules](checkrules-bnf.md)
+    * [RequestDenied](requestdenied-bnf.md)
   * **location /RequestDenied**
     * return HTTP error code, post-processing ...
 
@@ -61,7 +61,7 @@ http {
 The next step is learning; however, before jumping there, ensure that you have:
  * A nginx as a webserver or reverse proxy
  * Naxsi installed and running in learning mode
- * If you perform a request such as `curl 'http://127.0.0.1:4242/?a=<>'`, you should see a [NAXSI_FMT](naxsilogs#naxsi_fmt) in your logs :
+ * If you perform a request such as `curl 'http://127.0.0.1:4242/?a=<>'`, you should see a [NAXSI_FMT](naxsilogs.md#naxsi_fmt) in your logs :
    `2016/07/12 13:27:04 [error] 14492#0: *1 NAXSI_FMT: ip=127.0.0.1&server=127.0.0.1&uri=/&learning=1&vers=0.55rc2&total_processed=1&total_blocked=1&block=1&cscore0=$XSS&score0=16&zone0=ARGS&id0=1302&var_name0=a&zone1=ARGS&id1=1303&var_name1=a, client: 127.0.0.1, server: localhost, request: "GET /?a=<> HTTP/1.1", host: "127.0.0.1:4242"`
 
 

docs/naxsilogs.md

@@ -31,7 +31,7 @@ Several groups of zone, id, var_name, cscore and score can be present in a singl
 
 ### NAXSI_EXLOG
 
-NAXSI_EXLOG is a complement to [[naxsilogs]]. Along with exceptions, it contains actual content of the matched request. While NAXSI_FMT only contains IDs and location of exception, NAXSI_EXLOG provides actual content, allowing you to easily decide if it's a false positive or not.
+NAXSI_EXLOG is a complement to [[naxsilogs.md]]. Along with exceptions, it contains actual content of the matched request. While NAXSI_FMT only contains IDs and location of exception, NAXSI_EXLOG provides actual content, allowing you to easily decide if it's a false positive or not.
 
 Learning tools uses this at his advantage. Extensive log is enabled by adding the following line in your server {} section but **out** of your location.
 
@@ -50,12 +50,12 @@ This feature is provided by [[runtime-modifiers]].
 
 "User defined" rules are supposed to have IDs > `1000`.
 
-IDs inferior `1000` are reserved for [naxsi internal rules](internal-rules), which are usually related to protocol sanity and things that cannot be expressed through regular expressions or string matches.
+IDs inferior `1000` are reserved for [naxsi internal rules](internal-rules.md), which are usually related to protocol sanity and things that cannot be expressed through regular expressions or string matches.
 
 Think twice before whitelisting one of those IDs, as it might partially/totally disable naxsi.
 
 ### Naxsi JSON Logs
 
 TODO DOCUMENTATION
 
-[directives#naxsi_json_log](directives)
+[directives.md#naxsi_json_log](directives)

docs/rawbody.md

@@ -2,7 +2,7 @@
 
 RAW_BODY (>= 0.55rc0) is a feature to allow naxsi to match patterns in content it doesn't know to parse.
 
-As stated in [internal rules](internal-rules), naxsi will bail out when it doesn't know content-type. If id:11 [bad content-type](internal-rules#uncommon_content_type) is whitelisted, then naxsi will go onto proceed all rules that are targeting `RAW_BODY`.
+As stated in [internal rules](internal-rules.md), naxsi will bail out when it doesn't know content-type. If id:11 [bad content-type](internal-rules.md#uncommon_content_type) is whitelisted, then naxsi will go onto proceed all rules that are targeting `RAW_BODY`.
 
 ie. configuration :
 

docs/rules-bnf.md

@@ -39,11 +39,11 @@ All strings *must* be lowercase, since naxsi's matches are case insensitive.
 
 **s** is the score section. You can create "named" counters: `s:$FOOBAR:4` will increase counter `$FOOBAR` value by 4. One rule can increase several scores: `s:$FOO:4,$BAR:8` will increase both `$FOO` by 4 and `$BAR` by 8. 
 A rule can as well directly specifiy an action such a BLOCK (blocks the request in non-learning mode) or DROP (blocks the request **even** in learning mode)
-Named scores are later handled by [CheckRules](checkrules-bnf).
+Named scores are later handled by [CheckRules](checkrules-bnf.md).
 
 ### MatchZone (mz:...)
 
-Please refer to [Match Zones](matchzones-bnf) for details.
+Please refer to [Match Zones](matchzones-bnf.md) for details.
 
 **mz** is the match zone, defining which part of the request will be inspected by the rule.
 

docs/rules-examples.md

@@ -1,4 +1,4 @@
-Go to [Rules Explanation](rules-bnf)
+Go to [Rules Explanation](rules-bnf.md)
 
 
  * [generic rules](#generic-rules)
@@ -87,7 +87,7 @@ MainRule "rx:\.ph|\.asp|\.ht" "msg:asp/php file upload!" "mz:FILE_EXT" "s:$UPLOA
 ### Raw Body
 
 Raw Body zone is meant for the content-types that naxsi can't parse (XML, java serialized objects, unorthodox developments).
-See [RAW_BODY](zoom-rawbody) for details on RAW_BODY behaviour.
+See [RAW_BODY](rawbody.md) for details on RAW_BODY behaviour.
 
 ```
 MainRule "id:4241" "s:DROP" "str:RANDOMTHINGS" "mz:RAW_BODY";

docs/runtime-modifiers.md

@@ -63,7 +63,7 @@ If `naxsi_flag_learning` variable is present, this value will override naxsi's c
 
 ### naxsi_flag_post_action
 
-[post_action](http://wiki.nginx.org/HttpCoreModule#post_action) can be used by naxsi to literally forward a request to the [DeniedUrl](directives#deniedurl) location. It is on by default until naxsi 0.50 (a souvenir from ̀nx_intercept`) and is off by default since 0.51, because of the switch to [nxtool](https://github.com/nbs-system/naxsi/tree/master/nxapi).
+[post_action](http://wiki.nginx.org/HttpCoreModule#post_action) can be used by naxsi to literally forward a request to the [DeniedUrl](directives.md#deniedurl) location. It is on by default until naxsi 0.50 (a souvenir from ̀nx_intercept`) and is off by default since 0.51, because of the switch to [nxtool](https://github.com/nbs-system/naxsi/tree/master/nxapi).
 Using this might lead to unpredictable behavior
 Can be set to 0 or 1
 
@@ -88,18 +88,18 @@ Because of a potential impact on performance, use this with caution. Naxsi will
  NAXSI_EXLOG: ip=%V&server=%V&uri=%V&id=%d&zone=%s&var_name=%V&content=%V
 ```
 
-See [naxsi logs](naxsilogs) for more details.
+See [naxsi logs](naxsilogs.md) for more details.
 
 
 ### naxsi_flag_libinjection_sql
 
-If set to "1", naxsi will pass every parsed content to [libinjection](libinjection-integration) and ask for SQL injection detection.
-If the libinjection matches, internal rule [libinjection_sql is fired ](internal-rules#libinjection_sql).
+If set to "1", naxsi will pass every parsed content to [libinjection](libinjection-integration.md) and ask for SQL injection detection.
+If the libinjection matches, internal rule [libinjection_sql is fired ](internal-rules.md#libinjection_sql).
 
 ### naxsi_flag_libinjection_xss
 
-If set to "1", naxsi will pass every parsed content to [libinjection](libinjection-integration) and ask for XSS detection.
-If the libinjection matches, internal rule [libinjection_xss is fired ](internal-rules#libinjection_xss).
+If set to "1", naxsi will pass every parsed content to [libinjection](libinjection-integration.md) and ask for XSS detection.
+If the libinjection matches, internal rule [libinjection_xss is fired ](internal-rules.md#libinjection_xss).
 
 
 ### naxsi_json_log