Skip to content

Upgrading Wallarm NGINX Node with All-in-One Installer

These instructions describe the steps to upgrade the Wallarm node 4.x installed using all-in-one installer to version 5.0.

Re-installation of the Wallarm services is required

When upgrading from version 4.x using the all-in-one installer, it is recommended to perform a fresh installation of the node. For a safe procedure, install the new node on a new machine, redirect traffic to the new machine, and then remove the old one.

Alternatively, you can stop and remove the services on your current machine and then re-install the node. However, this may cause some downtime, which is not recommended.

This article describes the safest migration method.

Requirements

  • Access to the account with the Administrator role in Wallarm Console for the US Cloud or EU Cloud.

  • Access to https://meganode.wallarm.com to download all-in-one Wallarm installer. Ensure the access is not blocked by a firewall.

  • Access to https://us1.api.wallarm.com for working with US Wallarm Cloud or to https://api.wallarm.com for working with EU Wallarm Cloud. If access can be configured only via the proxy server, then use the instructions.

  • Executing all commands as a superuser (e.g. root).

  • Access to the IP addresses below for downloading updates to attack detection rules and API specifications, as well as retrieving precise IPs for your allowlisted, denylisted, or graylisted countries, regions, or data centers.

    34.96.64.17
34.110.183.149
35.235.66.155
34.102.90.100
34.94.156.115
35.235.115.105

    34.160.38.183
34.144.227.90
34.90.110.226

Step 1: Install the new node version on a clean machine

Install the newest version of the node on a new machine alongside the most recent version of NGINX by following one of the guides. The guide also covers the requirements for the machine.

During the installation, you can transfer the configuration files you used for the previous node and use them - nothing has changed in the node configuration.

Then route the traffic to the new machine for the new node to process it.

Step 2: Remove the old node

  1. Once traffic is routed to the new machine and your Cloud-stored data (rules, IP lists) is synchronized, perform some test attacks to ensure your rules work as expected.

  2. Delete old node in Wallarm Console → Nodes by selecting your node and clicking Delete.

  3. Confirm the action.

    When the node is deleted from Cloud, it will stop filtration of requests to your applications. Deleting the filtering node cannot be undone. The node will be deleted from the list of nodes permanently.

  4. Delete machine with the old node or just clean it from Wallarm node components:

    sudo systemctl stop wallarm
sudo rm -rf /opt/wallarm