You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Content reviewed and edited for readability based on Flesch-Kincaid Readability Score.
Co-authored-by: Mike Jang <3287976+mjang@users.noreply.github.com>
- Deploys both NGINX and WAF components within containers.
@@ -55,8 +55,8 @@ NGINX App Protect WAF v5 supports a range of deployment scenarios to meet variou
55
55
- Ideal for scalable, cloud-native environments.
56
56
57
57
3.[NGINX on Host/VM with Containerized WAF]({{< ref "/nap-waf/v5/admin-guide/install.md" >}})
58
-
- NGINX is operated directly on the host system or a virtual machine, with WAF components deployed in containers.
59
-
- Perfect for situations where NGINX is already in use on host systems, allowing for the addition of WAF components without disrupting the existing NGINX setup.
58
+
- NGINX operates on the host system or a virtual machine. WAF components are deployed in containers.
59
+
- Perfect for situations where NGINX is already in use on host systems. Addition of WAF components will not disrupt the existing NGINX setup.
60
60
61
61
## NGINX App Protect WAF Compiler
62
62
@@ -70,41 +70,41 @@ For signature updates, read the [Update App Protect Signatures]({{< ref "/nap-wa
70
70
71
71
## Transitioning from NGINX App Protect WAF v4 to v5
72
72
73
-
Upgrading directly from v4 to v5 is not supported due to architectural changes in NGINX App Protect WAF v5.
73
+
Upgrading from v4 to v5 is not supported due to architectural changes in NGINX App Protect WAF v5.
74
74
75
75
{{< note >}}
76
-
We recommend that you deploy the NGINX App Protect WAF v5 in a staging environment. Only after you compile policies with WAF compiler and test the enforcement should you transfer the traffic from the v4 to v5. This keeps the v4 deployment for backup.
76
+
We recommend that you deploy the NGINX App Protect WAF v5 in a staging environment. Compile policies with WAF compiler and test the enforcement before you transfer the traffic from the v4 to v5. This keeps the v4 deployment for backup.
77
77
{{< /note >}}
78
78
79
-
1. Back up your NGINX App Protect WAF configuration files, such as NGINX configurations, JSON policies, logging profiles, user-defined signatures, and global settings.
79
+
1. Back up your NGINX App Protect WAF configuration files. These include NGINX configurations, JSON policies, logging profiles, user-defined signatures, and global settings.
80
80
81
-
1. Install NGINX App Protect WAF 5 (using either nginx OSS or nginx-plus based on the need of customer's application).
81
+
2. Install NGINX App Protect WAF 5. Use either nginx OSS or nginx-plus based on the need of customer's application.
-[Deploying NGINX App Protect WAF on Docker]({{<ref "/nap-waf/v5/admin-guide/deploy-on-docker.md">}})
84
84
-[Deploying NGINX App Protect WAF on Kubernetes]({{<ref "/nap-waf/v5/admin-guide/deploy-with-helm.md">}})
85
85
86
-
1. Compile your `.json` policies and logging profiles to `.tgz` bundles using [compiler-image]({{<ref "/nap-waf/v5/admin-guide/compiler.md">}}) because NGINX App Protect WAF v5 supports policies and logging profiles in a compiled bundle format only.
86
+
3. Compile your `.json` policies and logging profiles to `.tgz` bundles using [compiler-image]({{<ref "/nap-waf/v5/admin-guide/compiler.md">}}). NGINX App Protect WAF v5 supports policies and logging profiles in a compiled bundle format only.
87
87
88
88
{{< note >}}
89
-
If you were previously using a default [logging profile]({{<ref "/nap-waf/v5/admin-guide/deploy-on-docker.md#using-policy-and-logging-profile-bundles">}}) JSON like `/opt/app_protect/share/defaults/log_all.json`, you can replace it with the default constant such as `log_all`, and then you will not need to explicitly compile the logging profile into a bundle.
89
+
If you were previously using a default [logging profile]({{<ref "/nap-waf/v5/admin-guide/deploy-on-docker.md#using-policy-and-logging-profile-bundles">}}) JSON like `/opt/app_protect/share/defaults/log_all.json`, you can replace it with the default constant such as `log_all`, and then you will not need to compile the logging profile into a bundle.
1. Replace the `.json` references in nginx.conf with the above created `.tgz`[bundles]({{<ref "/nap-waf/v5/admin-guide/install.md#using-policy-and-logging-profile-bundles">}}).
97
+
4. Replace the `.json` references in nginx.conf with the above created `.tgz`[bundles]({{<ref "/nap-waf/v5/admin-guide/install.md#using-policy-and-logging-profile-bundles">}}).
98
98
99
-
1. Make sure that `.tgz` bundles references are accessible to the `waf-config-mgr` container.
99
+
5. Make sure that `.tgz` bundles references are accessible to the `waf-config-mgr` container.
100
100
101
-
1. Restart the deployment if it has already been initiated. Additionally, restart NGINX if utilizing the VM + containers deployment type. After the migrations, check that the NGINX process is running in the NGINX error log and there are no issues.
101
+
6. Restart the deployment if it has already initiated. Additionally, restart NGINX if utilizing the VM + containers deployment type. After the migrations, check that the NGINX process is running in the NGINX error log and there are no issues.
102
102
103
103
104
104
---
105
105
106
106
## Troubleshooting and FAQs
107
107
108
-
See common deployment challenges and solutions to ensure a smooth setup process in the [Troubleshooting Guide]({{< ref "/nap-waf/v5/troubleshooting-guide/troubleshooting.md#nginx-app-protect-5" >}}).
108
+
Review the [Troubleshooting Guide]({{< ref "/nap-waf/v5/troubleshooting-guide/troubleshooting.md#nginx-app-protect-5" >}}) for common deployment challenges and solutions to ensure a smooth setup process.
109
109
110
110
Docker images for NGINX App Protect WAF v5 are built using Ubuntu 22.04 (Jammy) binaries.
0 commit comments