Deploy open-appsec directly on the web server hosting the application to protect

open-appsec instaltion

Follow the steps described below to deploy open-appsec:

pageInstall open-appsec for Linux

Adjustments for NGINX Hosting the Protected Website:

If NGINX hosts the protected website on the same Linux host or container, follow these additional steps to change the port and configure the reverse proxy:

  1. Open NGINX Configuration File: Using a text editor of your choice, open the NGINX configuration file. Typically, this file is located at /etc/nginx/nginx.conf or in a directory included by the main configuration file.

    sudo nano /etc/nginx/nginx.conf
  2. Locate the listen Directive: Within the NGINX configuration file, locate the listen directive associated with the HTTP (port 80) and HTTPS (port 443) server blocks. These directives specify the ports on which NGINX listens for incoming connections.

    server {
        listen 81;  # Change this line to listen on port 81
        ...
    }
    server {
        listen 444 ssl;  # Change this line to listen on port 444
        ...
    }
  3. Update listen Directives: Modify the listen directives to use the desired ports (e.g., 81 for HTTP and 444 for HTTPS).

  4. Configure Reverse Proxy: After updating the listen directives, configure NGINX to act as a reverse proxy by directing traffic from ports 80 and 443 to ports 81 and 444 respectively.

    server {
        listen 80;
        server_name your_domain.com;
    
        location / {
            proxy_pass http://localhost:81;  # Forward traffic to port 81
            ...
        }
    }
    server {
        listen 443 ssl;
        server_name your_domain.com;
    
        location / {
            proxy_pass https://localhost:444;  # Forward traffic to port 444
            ...
        }
    }

    Replace your_domain.com with your actual domain name.

  5. Save and Close the File: After making the changes, save the NGINX configuration file and exit the text editor.

  6. Test NGINX Configuration: Before restarting NGINX, it's recommended to test the configuration for syntax errors:

    sudo nginx -t

    If the test is successful, you should see a message indicating that the configuration file syntax is okay.

  7. Restart NGINX: Finally, restart NGINX to apply the changes:

    sudo systemctl restart nginx

    NGINX will now listen on the new ports (81 for HTTP and 444 for HTTPS) and forward incoming traffic to the appropriate ports for the protected application.

Last updated