Christopher Lutat

NGINX Proxy Manager WAF: New central WebUI management option for open-appsec

At the end of last year, the open-appsec WAF integration with NGINX Proxy Manager (NPM) was released as an open-source project on GitHub, allowing NPM users to easily deploy NPM together with the open-appsec preemptive, machine-learning WAF to protect web apps and APIs. It provides an integrated, effective security solution that does not rely on traditional signatures. This integration allows managing and monitoring NPM as well as open-appsec from the local (enhanced) NGINX Proxy Manager WebUI. See the original announcement blog post: Announcing open-appsec WAF Integration with NGINX Proxy Manager (openappsec.io)



At the request of our growing user base of the NGINX Proxy Manager/open-appsec integration, we are excited to announce today the availability of an additional deployment option:


This new deployment option provides NGINX Proxy Manager users advanced capabilities for managing and monitoring open-appsec using the open-appsec central WebUI (SaaS) instead of using the NGINX Proxy Manager WebUI (while continuing to manage NGINX Proxy Manager itself directly from its own integrated WebUI).


The following diagram shows the resulting architecture, centrally managing and monitoring two instances of open-appsec integrated in two separate NPM deployments from the open-appsec WebUI (SaaS):


Here's a quick look at what the different UI experiences for configuring the open-appsec WAF look like:

Option 1: Configure and monitor open-appsec WAF locally, directly from NGINX Proxy Manager (NPM) WebUI

Here you can easily enable open-appsec from within the "Edit Proxy Host" view for any proxy host configured in NGINX Proxy Manager by activating the open-appsec switch and setting the desired enforcement mode ("Detect-Learn" vs. "Prevent-Learn") and the minimum confidence level for the prevent action (e.g. "High") (see screenshot below).

The security logs created by the open-appsec WAF are also visible directly within the NGINX Proxy Manager WebUI (see screenshot below).



Option 2 (new): Configure and monitor one or more open-appsec WAFs from central open-appsec WebUI (SaaS)

Here you configure open-appsec settings separately, by creating an "Asset" in the central open-appsec WebUI (SaaS). Typically you would create one such asset for each "Proxy Host" that you have defined in the NGINX Proxy Manager WebUI. You could also create multiple, more granular assets, which lets you apply different open-appsec WAF configuration settings to, for example, specific paths of the web application represented by the "Proxy Host" in NGINX Proxy Manager. From the central WebUI you can administer all assets, even across multiple open-appsec WAF deployments (on-prem or in cloud).

The following screenshot shows an example of the "Asset" view in the open-appsec WebUI.

Here you can also configure all available open-appsec settings in a granular way, such as the threat prevention settings (see screenshot below), rate limiting, custom rules and exceptions, and more.

In addition to a flexible table-based log view, the central open-appsec WebUI also gives you dashboard views (see screenshot below), flexible log filters, report generation capabilities and much more. The central WebUI also provides a place for comprehensive monitoring and security log analysis across multiple open-appsec WAF deployments on different platforms, on-prem or in cloud.

How to pick the right management style for your open-appsec WAF deployment integrated with NGINX Proxy Manager?

If you wonder which management style you should choose for your open-appsec WAF protecting your NGINX Proxy Manager environment, here are the main differences in short to help you decide (see also further below for screenshots of the different WebUI experiences):

| open-appsec Management and Functionality Aspects | Local Management (Using NGINX Proxy Manager (NPM) WebUI) | Central Management (Using open-appsec WebUI) |
| --- | --- | --- |
| Management Interface | Integrated in NGINX Proxy Manager WebUI (NPM) | Central, separate open-appsec WebUI (SaaS) https://my.openappsec.io |
| Configuration Options | Basic, most important configuration options | All configuration options, including many advanced features (custom rules, exceptions, learning recommendations/supervised learning, snort signatures, rate limiting) |
| Security Log Viewer | Simple log viewer | Advanced log viewer and monitoring tools: dashboards, search with filters, multiple views, ... |
| Deployment | docker-compose | docker-compose + free WebUI tenant creation at https://my.openappsec.io |
| Ease of Setup | Very easy (enable protection directly from NPM proxy host settings) | Easy, flexible configuration using central WebUI |
| Manage Multiple Deployments | No, manage local open-appsec deployment integrated with NPM only | Yes, centrally manage multiple open-appsec deployments: on-prem or in cloud, all deployment types supported: Linux, Docker, K8s, ... all integrations supported: NGINX, KONG, Nginx Proxy Manager, ... |
| Supported Editions (see https://www.openappsec.io/pricing for comparison) | open-appsec "Community Edition" (manage basic Community Edition features) | open-appsec "Community Edition" (manage all available functionality); open-appsec "Premium Edition" (manage all available premium functionality) |
| Recommended User Level | Beginners and regular users | Regular and advanced users (required for Premium Edition) |


How to deploy


Can’t wait to try this out yourself in a virtual lab or deploy it in your own environment? You have the following options:

  • Check out the two deployment / management options for open-appsec NGINX Proxy Manager integration in our “Playground” (free, instantly available labs): https://www.openappsec.io/playground 

 


We hope you continue to enjoy this integration and also find this new central, advanced management option useful! If you have any feedback, please let us know using the chat on www.openappsec.io or contact us directly via info@openappsec.io.



open-appsec is an open-source project that builds on machine learning to provide pre-emptive web app & API threat protection against OWASP-Top-10 and zero-day attacks. It simplifies maintenance because there is no threat signature upkeep or exception handling of the kind common in many WAF solutions.


To learn more about how open-appsec works, see this White Paper and the in-depth Video Tutorial. You can also experiment with deployment in the free Playground.
