Skip to content

Updating Linux node packages

These instructions describe the steps to update Linux node packages to version 3.0. Linux node packages are packages installed in accordance with one of the following instructions:

Breaking changes and skipping partner node update

  • The Wallarm node 3.0 is totally incompatible with previous Wallarm node versions. Before updating the modules up to 3.0, please carefully review the list of Wallarm node 3.0 changes and consider a possible configuration change.
  • We do NOT recommend updating partner node up to version 3.0, since most changes will be fully supported only in partner node 3.2.

Update procedure

  • If filtering node and postanalytics modules are installed on the same server, then follow the instrutions below to update all packages.

  • If filtering node and postanalytics modules are installed on different servers, then first update the postanalytics module following these instructions and perform the steps below for filtering node modules.

Step 1: Inform Wallarm technical support that you are updating filtering node modules

Please inform Wallarm technical support that you are updating filtering node modules up to 3.0 and ask to enable new IP lists logic for your Wallarm account. When new IP lists logic is enabled, please open the Wallarm Console and ensure that the section IP lists is available.

Step 2: Add new Wallarm repository

Delete the previous Wallarm repository address and add a repository with a new Wallarm node version package. Please use the commands for the appropriate platform.

CentOS and Amazon Linux 2

sudo yum remove wallarm-node-repo
sudo rpm -i https://repo.wallarm.com/centos/wallarm-node/7/3.0/x86_64/Packages/wallarm-node-repo-1-6.el7.noarch.rpm

sudo yum remove wallarm-node-repo
sudo rpm -i https://repo.wallarm.com/centos/wallarm-node/8/3.0/x86_64/Packages/wallarm-node-repo-1-6.el8.noarch.rpm

Debian and Ubuntu

  1. Open the file with the Wallarm repository address in the installed text editor. In these instructions, vim is used.

    sudo vim /etc/apt/sources.list.d/wallarm.list

  2. Comment out or delete the previous repository address.

  3. Add a new repository address:

    deb http://repo.wallarm.com/debian/wallarm-node stretch/3.0/

    deb http://repo.wallarm.com/debian/wallarm-node stretch/3.0/
deb http://repo.wallarm.com/debian/wallarm-node stretch-backports/3.0/

    deb http://repo.wallarm.com/debian/wallarm-node buster/3.0/

    deb http://repo.wallarm.com/ubuntu/wallarm-node bionic/3.0/

Step 3: Migrate whitelists and blacklists from previous Wallarm node version to 3.0

Migrate whitelists and blacklists configuration from previous Wallarm node version to 3.0 following the instructions.

Step 4: Update Wallarm API Security packages

Filtering node and postanalytics on the same server

sudo apt update
sudo apt dist-upgrade

sudo apt update
sudo apt dist-upgrade

sudo yum update

Filtering node and postanalytics on different servers

Sequence of steps to update the filtering node and postanalytics modules

If the filtering node and postanalytics modules are installed on different servers, then it is required to update the postanalytics packages before updating the filtering node packages.

  1. Update postanalytics packages following these instructions.

  2. Update Wallarm node packages:

    sudo apt update
sudo apt dist-upgrade

    sudo apt update
sudo apt dist-upgrade

    sudo yum update

Step 5: Restart NGINX

sudo systemctl restart nginx

sudo service nginx restart

sudo systemctl restart nginx

Step 6: Test Wallarm node operation

  1. Send the request with test SQLI and XSS attacks to the application address:

    curl http://localhost/?id='or+1=1--a-<script>prompt(1)</script>'

  2. Open the Wallarm Console → Events section in the EU Cloud or US Cloud and ensure attacks are displayed in the list.

    Attacks in the interface

Settings customization

Wallarm API Security modules are updated to version 3.0. Previous filtering node settings will be applied to the new version automatically. To make additional settings, use the available directives.

Common customization options: