NGINX Modern Apps > Class 5 - NGINX App Protect WAF & DoS Source | Edit on
Module 7 - Install and Enable NGINX App Protect DoS¶
In this module you will install and enable NGINX App Protect DoS on NAP DOS 1 and NAP DOS 2
NGINX App Protect DoS directives:
- load_module - This command will load the dynamic module into NGINX Plus. Located in the main context
- app_protect_dos_enable - Enable/Disable App Protect DoS module. It can be located in the location, server or http contexts.
- app_protect_dos_monitor - This directive is how App Protect monitors stress level of the protected resources. There are 3 arguments for this directive:
- URI - a mandatory argument, this is the destination to the protected resources
- Protocol - an optional argument, this is the protocol of the protected resource ( http1, http2, grpc) http1 is the default
- Timeout - determines how many seconds App Protect waits for a response. The default is 10 seconds for http1 and http2 and 5 seconds for grpc
- app_protect_dos_security_log_enable - Enable/Disable App Protect DoS security logger
- app_protect_dos_security_log - This directive takes two arguments, first is the configuration file path and the second is the destination where events will be sent
Install NGINX App Protect DoS¶
Open the WebShell of “NAP DOS 1” VM (UDF > Components > Systems > NAP DOS 1 > Access > Web Shell)
Install NGINX App Protect
apt install -y app-protect-dos
Enable NGINX App Protect DoS configuration by copying the /etc/nginx/nginx.conf.dos file over the existing /etc/nginx/nginx.conf file.
cp /etc/nginx/nginx.conf.dos /etc/nginx/nginx.conf
Optionally, view the contents of /etc/nginx/nginx.conf in a text editor. As a reminder, the NGINX App Protect DoS configuration directives start with app_protect_dos_*.
Restart NGINX
service nginx restart service nginx status
If NGINX restarted successfully, the restart command will complete successfully and status will return that NGINX is active (running).
- Repeat steps 1 - 5 on the “NAP DOS 2” VM