Hi,
The fp-reporter was just a POC of what you can do to handle false
positives on your website, and is not supported (i can't even find it
on our github repo or in the old google code repo, and from a quick
look, the script seems do not do anything with data besides displaying
it back to the user, and is vulnerable to XSS so please, don't use it
like this :)).
The forbidden.php seems to be a typo, you should read fp-reporter.php.
If you want to use it, the basic idea to redirect the user on this
file when naxsi blocks a request, for example if nginx is used as a
reverse-proxy (and the DeniedURL is set to /RequestDenied):
location /RequestDenied {
proxy_pass
http://10.0.01/fp-reporter.php;
}.
Also, do not use the package provided by brightbox as it uses a very
old naxsi version (0.48 was released more than 2 years ago). You
should get the source code from the repo
(
https://github.com/nbs-system/naxsi/) and compile nginx yourself (you
can use this guide to help you :
https://github.com/nbs-system/naxsi/wiki/installation)