# Agent Fails to Recognize HTTP Transactions with NGINX

**1. Check Your NGINX Proxy Configuration**

Ensure that you have correctly configured an NGINX proxy in front of your web application. The NGINX proxy serves as a reverse proxy and plays a crucial role in routing traffic through the open-appsec agent. Here's how to check your NGINX proxy configuration:

a. Open your NGINX configuration file, typically located in `/etc/nginx/nginx.conf` or `/etc/nginx/sites-available/`

b. Confirm that you have defined a location block that proxies traffic to your web application. It should look something like this:

```nginx
location / {
    proxy_pass http://your-web-application;
    # Additional proxy settings if needed
}
```

Replace `http://your-web-application` with the actual address of your web application.

c. Save the configuration file and exit.

**If NGINX also hosts the protected website on the same Linux host or container, follow the instructions below:**

{% content-ref url="deploy-open-appsec-directly-on-the-web-server-hosting-the-application-to-protect" %}
[deploy-open-appsec-directly-on-the-web-server-hosting-the-application-to-protect](https://docs.openappsec.io/troubleshooting/troubleshooting-guides/deploy-open-appsec-directly-on-the-web-server-hosting-the-application-to-protect)
{% endcontent-ref %}

**2. Restart NGINX** 

After making changes to the NGINX configuration, you'll need to restart NGINX to apply the changes. Use the following command to restart NGINX:

```bash
sudo service nginx restart
```

**3. Test Traffic Flow**

To confirm that traffic is correctly passing through the open-appsec agent, perform the following tests:

a. mimic an attack on your web application and observe whether the open-appsec agent logs any activity, you can use the following attack to test. 

```bash
http://<IP>:<PORT>/?shell_cmd=cat/etc/passwd 
```