If you're experiencing issues with your WAF agent not recognizing traffic, follow these steps to troubleshoot and resolve the problem
1. Check Your NGINX Proxy Configuration
Ensure that you have correctly configured an NGINX proxy in front of your web application. The NGINX proxy serves as a reverse proxy and plays a crucial role in routing traffic through the open-appsec agent. Here's how to check your NGINX proxy configuration:
a. Open your NGINX configuration file, typically located in /etc/nginx/nginx.conf or /etc/nginx/sites-available/
b. Confirm that you have defined a location block that proxies traffic to your web application. It should look something like this:
location / {
proxy_pass http://your-web-application;
# Additional proxy settings if needed
}Replace http://your-web-application with the actual address of your web application.
c. Save the configuration file and exit.
If NGINX also hosts the protected website on the same Linux host or container, follow the instructions below:
Deploy open-appsec directly on the web server hosting the application to protect2. Restart NGINX
After making changes to the NGINX configuration, you'll need to restart NGINX to apply the changes. Use the following command to restart NGINX:
sudo service nginx restart3. Test Traffic Flow
To confirm that traffic is correctly passing through the open-appsec agent, perform the following tests:
a. mimic an attack on your web application and observe whether the open-appsec agent logs any activity, you can use the following attack to test.
Last updated
Was this helpful?
Was this helpful?
http://<IP>:<PORT>/?shell_cmd=cat/etc/passwd