Deploy open-appsec directly on the web server hosting the application to protect
open-appsec instaltion
Follow the steps described below to deploy open-appsec:
Install open-appsec for LinuxAdjustments for NGINX Hosting the Protected Website:
If NGINX hosts the protected website on the same Linux host or container, follow these additional steps to change the port and configure the reverse proxy:
Open NGINX Configuration File: Using a text editor of your choice, open the NGINX configuration file. Typically, this file is located at
/etc/nginx/nginx.conf
or in a directory included by the main configuration file.sudo nano /etc/nginx/nginx.conf
Locate the
listen
Directive: Within the NGINX configuration file, locate thelisten
directive associated with the HTTP (port 80) and HTTPS (port 443) server blocks. These directives specify the ports on which NGINX listens for incoming connections.server { listen 81; # Change this line to listen on port 81 ... }
server { listen 444 ssl; # Change this line to listen on port 444 ... }
Update
listen
Directives: Modify thelisten
directives to use the desired ports (e.g., 81 for HTTP and 444 for HTTPS).Configure Reverse Proxy: After updating the
listen
directives, configure NGINX to act as a reverse proxy by directing traffic from ports 80 and 443 to ports 81 and 444 respectively.server { listen 80; server_name your_domain.com; location / { proxy_pass http://localhost:81; # Forward traffic to port 81 ... } } server {
listen 443 ssl; server_name your_domain.com; location / { proxy_pass https://localhost:444; # Forward traffic to port 444 ... } }
Replace
your_domain.com
with your actual domain name.Save and Close the File: After making the changes, save the NGINX configuration file and exit the text editor.
Test NGINX Configuration: Before restarting NGINX, it's recommended to test the configuration for syntax errors:
sudo nginx -t
If the test is successful, you should see a message indicating that the configuration file syntax is okay.
Restart NGINX: Finally, restart NGINX to apply the changes:
sudo systemctl restart nginx
NGINX will now listen on the new ports (81 for HTTP and 444 for HTTPS) and forward incoming traffic to the appropriate ports for the protected application.
Last updated
Was this helpful?