# Deploy open-appsec directly on the web server hosting the application to protect ### open-appsec instaltion Follow the steps described below to deploy open-appsec: {% content-ref url="/pages/ongBhoz9sKZqGzExmUEn" %} [Install open-appsec for Linux](/getting-started/start-with-linux/install-open-appsec-for-linux.md) {% endcontent-ref %} ### **Adjustments for NGINX Hosting the Protected Website:** If NGINX hosts the protected website on the same Linux host or container, follow these additional steps to change the port and configure the reverse proxy: 1. **Open NGINX Configuration File:** Using a text editor of your choice, open the NGINX configuration file. Typically, this file is located at `/etc/nginx/nginx.conf` or in a directory included by the main configuration file. ```bash sudo nano /etc/nginx/nginx.conf ``` 2. **Locate the `listen` Directive:** Within the NGINX configuration file, locate the `listen` directive associated with the HTTP (port 80) and HTTPS (port 443) server blocks. These directives specify the ports on which NGINX listens for incoming connections. ```nginx server { listen 81; # Change this line to listen on port 81 ... } ``` ```nginx server { listen 444 ssl; # Change this line to listen on port 444 ... } ``` 3. **Update `listen` Directives:** Modify the `listen` directives to use the desired ports (e.g., 81 for HTTP and 444 for HTTPS). 4. **Configure Reverse Proxy:** After updating the `listen` directives, configure NGINX to act as a reverse proxy by directing traffic from ports 80 and 443 to ports 81 and 444 respectively. ```nginx server { listen 80; server_name your_domain.com; location / { proxy_pass http://localhost:81; # Forward traffic to port 81 ... } } server { ``` ```nginx listen 443 ssl; server_name your_domain.com; location / { proxy_pass https://localhost:444; # Forward traffic to port 444 ... } } ``` Replace `your_domain.com` with your actual domain name. 5. **Save and Close the File:** After making the changes, save the NGINX configuration file and exit the text editor. 6. **Test NGINX Configuration:** Before restarting NGINX, it's recommended to test the configuration for syntax errors: ```bash sudo nginx -t ``` If the test is successful, you should see a message indicating that the configuration file syntax is okay. 7. **Restart NGINX:** Finally, restart NGINX to apply the changes: ```bash sudo systemctl restart nginx ``` NGINX will now listen on the new ports (81 for HTTP and 444 for HTTPS) and forward incoming traffic to the appropriate ports for the protected application. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.openappsec.io/troubleshooting/troubleshooting-guides/deploy-open-appsec-directly-on-the-web-server-hosting-the-application-to-protect.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.