Module 7 - Install and Enable NGINX App Protect DoS¶

In this module you will install and enable NGINX App Protect DoS on NAP DOS 1 and NAP DOS 2

NGINX App Protect DoS directives:

load_module - This command will load the dynamic module into NGINX Plus. Located in the main context
app_protect_dos_enable - Enable/Disable App Protect DoS module. It can be located in the location, server or http contexts.
app_protect_dos_monitor - This directive is how App Protect monitors stress level of the protected resources. There are 3 arguments for this directive:
- URI - a mandatory argument, this is the destination to the protected resources
- Protocol - an optional argument, this is the protocol of the protected resource ( http1, http2, grpc) http1 is the default
- Timeout - determines how many seconds App Protect waits for a response. The default is 10 seconds for http1 and http2 and 5 seconds for grpc
app_protect_dos_security_log_enable - Enable/Disable App Protect DoS security logger
app_protect_dos_security_log - This directive takes two arguments, first is the configuration file path and the second is the destination where events will be sent

Install NGINX App Protect DoS¶

Open the WebShell of “NAP DOS 1” VM (UDF > Components > Systems > NAP DOS 1 > Access > Web Shell)
Install NGINX App Protect
```
apt install -y app-protect-dos
```

Enable NGINX App Protect DoS configuration by copying the /etc/nginx/nginx.conf.dos file over the existing /etc/nginx/nginx.conf file.
```
cp /etc/nginx/nginx.conf.dos /etc/nginx/nginx.conf
```
Optionally, view the contents of /etc/nginx/nginx.conf in a text editor. As a reminder, the NGINX App Protect DoS configuration directives start with app_protect_dos_*.

Restart NGINX

service nginx restart
service nginx status

If NGINX restarted successfully, the restart command will complete successfully and status will return that NGINX is active (running).

Previous Next