Upgrading the Docker NGINX-based image¶
These instructions describe the steps to upgrade the running Docker NGINX-based image 4.x to the version 5.0.
Using credentials of already existing Wallarm node
We do not recommend using the already existing Wallarm node of the previous version. Please follow these instructions to create a new filtering node of the version 5.0 and deploy it as the Docker container.
To upgrade the end‑of‑life node (3.6 or lower), please use the different instructions.
Requirements¶
-
Docker installed on your host system
-
Access to
https://hub.docker.com/r/wallarm/node
to download the Docker image. Please ensure the access is not blocked by a firewall -
Access to the account with the Administrator role in Wallarm Console in the US Cloud or EU Cloud
-
Access to
https://us1.api.wallarm.com
if working with US Wallarm Cloud or tohttps://api.wallarm.com
if working with EU Wallarm Cloud. Please ensure the access is not blocked by a firewall -
Access to the IP addresses below for downloading updates to attack detection rules and API specifications, as well as retrieving precise IPs for your allowlisted, denylisted, or graylisted countries, regions, or data centers
Step 1: Download the updated filtering node image¶
Step 2: Stop the running container¶
Step 3: Run the container using the new image¶
-
Proceed to Wallarm Console → Settings → API Tokens and generate a token with the Deploy role.
-
Copy the generated token.
-
Run the updated image using the copied token.
There are two options for running the container using the updated image:
Step 4: Test the filtering node operation¶
-
Send the request with test Path Traversal attack to a protected resource address:
If traffic is configured to be proxied to
example.com
, include the-H "Host: example.com"
header in the request. -
Open Wallarm Console → Attacks section in the US Cloud or EU Cloud and make sure the attack is displayed in the list.
Step 5: Delete the filtering node of the previous version¶
If the deployed image of the version 5.0 operates correctly, you can delete the filtering node of the previous version in Wallarm Console → Nodes.