# Upgrade Your Reverse Proxy/API Gateway When an Agent is Installed

One of the possible deployments for open-appsec is a Linux agent installed on top of a [supported Reverse Proxy](https://docs.openappsec.io/getting-started/start-with-linux).

If you wish to upgrade the Reverse Proxy while the agent is installed, follow the steps described in this documentation page.

{% tabs %}
{% tab title="NGINX" %}

#### Step 1: **Delete the agent module's load\_module line**

* Locate your nginx *modules* folder path by running:\
  nginx -V\
  and look for the value of the "--modules-path" parameter.\
  It is usually /usr/share/nginx/modules or /usr/lib/nginx/modules
* Via command line access to the machine with the NGINX server and the agent, edit the following file:\
  */etc/nginx/nginx.conf*
* **Delete** the following line (look for the path located previously):\
  *load\_module /\<modules folder path>/ngx\_cp\_attachment\_module.so;*

#### Step 2: Comment out the agent module's configuration lines

* Edit all files in the paths */etc/nginx/conf.d/\** or */etc/nginx/sites\_enabled/\**
  * Comment out (add '#' at the beginning of the line) all lines, if any exist, that begin with:\
    *cp-nano-nginx-attachment*
* If you manually added further lines in other server configuration files, comment them out as well.

#### Step 3: Run a test command

Run the command '*nginx -t*'. You should see it print out "*test is successful*".

#### Step 4: Upgrade the NGINX software version

Run the commands you intended to use to upgrade the NGINX software version.

#### Step 5: Stop and start the agent, while triggering deployment of a new attachment

Run the following commands:\
*cpnano -q*\
*rm -rf /etc/cp/packages*\
*rm /etc/cp/conf/manifest.json*\
*cpnano -r*

#### Step 6: Verify the agent has restarted

After one minute, verify that the agent has restarted successfully using the following command:\
*cpnano -s*

"Last update status" should state “Succeeded” and "Last update" should show a time within the last few minutes.

#### Step 7: Undo the changes done in step 2

Remove the "comment out" character ('#') from all the lines it was added to in step 2 (in the paths */etc/nginx/conf.d/\** or */etc/nginx/sites\_enabled/\**).

#### Step 8: NGINX reload

Run the following commands:\
*nginx -s reload*\
*systemctl restart nginx*
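
Steps 2 and 7 can be scripted so that step 7 re-enables only the lines that step 2 disabled, leaving lines that were already commented out by hand untouched. The following is an added example, not part of the open-appsec tooling; the marker string, the function names and the sample configuration are assumptions made here.

```shell
#!/usr/bin/env bash
# Added example (not open-appsec code). MARK is a hypothetical tag chosen here so
# that step 7 restores only the lines this script disabled in step 2.
MARK='#openappsec-upgrade# '
DIRECTIVE='cp-nano-nginx-attachment'   # line prefix named in step 2

# Rewrite file $1 in place through sed expression $2, keeping owner and mode.
# No copy is left beside the file: a wildcard include would load it as config.
_rewrite() {
    local tmp rc
    tmp=$(mktemp) || return 1
    sed -E "$2" "$1" > "$tmp" && cat "$tmp" > "$1"
    rc=$?
    rm -f "$tmp"
    return $rc
}

# Step 2: tag and comment out every active line that begins with the directive.
comment_out_attachment() {
    local f
    for f in "$@"; do
        [ -f "$f" ] || continue
        _rewrite "$f" "s|^([[:space:]]*)(${DIRECTIVE})|\1${MARK}\2|" || return 1
    done
}

# Step 7: remove the tag again; lines commented out by hand stay commented.
restore_attachment() {
    local f
    for f in "$@"; do
        [ -f "$f" ] || continue
        _rewrite "$f" "s|^([[:space:]]*)${MARK}(${DIRECTIVE})|\1\2|" || return 1
    done
}

# Number of still-active directive lines; expect 0 before running 'nginx -t'.
active_attachment_lines() {
    cat "$@" 2>/dev/null | grep -cE "^[[:space:]]*${DIRECTIVE}" || true
}

# Constructed sample config (not from a real server) for a dry run in a temp dir.
sample_conf() {
    printf '%s\n' 'server {' '    cp-nano-nginx-attachment on;' \
        '    # cp-nano-nginx-attachment off;' '    listen 80;' '}' > "$1"
}
```

On a server, pass the files under */etc/nginx/conf.d/* and */etc/nginx/sites\_enabled/* to `comment_out_attachment` before step 3 and to `restore_attachment` in step 7.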
{% endtab %}

{% tab title="Kong Gateway" %}
**Step 1: Delete the agent module's load\_module line**

* Locate your nginx *modules* folder path by running:\
  /usr/local/openresty/nginx/sbin/nginx -V\
  and look for the value of the "--modules-path" parameter.\
  It is usually /usr/share/nginx/modules or /usr/lib/nginx/modules
* Via command line access to the machine with the NGINX server and the agent, edit the following file:\
  /usr/local/kong/nginx.conf
* **Delete** the following lines (look for the path located previously):\
  *load\_module /\<modules folder path>/open\_appsec\_ngx\_module.so;*\
  *cp\_worker\_processes auto;*

**Step 2: Run a test command**

Run the command '*/usr/local/openresty/nginx/sbin/nginx -p /usr/local/kong -c nginx.conf -t*'. You should see it print out "*test is successful*".

**Step 3: Upgrade the Kong Gateway's software version**

Run the commands you intended to use to upgrade the Kong Gateway's software version.

**Step 4: Backup your declarative policy (optional)**

If you are using a declarative policy, copy your local configuration to a new folder by running:

open-appsec-ctl --list-policies\
cp \<output of list-policies-command> \<your backup folder>

**Step 5: Stop the agent and re-deploy attachment**

Run the following commands:\
*open-appsec-ctl -q*\
*rm /etc/cp/conf/manifest.json*

Run the open-appsec install command:\
*wget <https://downloads.openappsec.io/open-appsec-install> && chmod +x open-appsec-install*\
./open-appsec-install --auto

**Step 6: Restore your declarative policy (optional)**

Copy your backed up declarative policy to the original folder:\
cp \<your backed up declarative policy file> \<output of list-policies-command>

**Step 7: Verify the agent has restarted**

After one minute, verify that the agent has restarted successfully using the following command:\
*open-appsec-ctl -s*\
"Last update status" should state “Succeeded” and "Last update" should show a time within the last few minutes.
{% endtab %}
{% endtabs %}
