Merge branch 'open-appsec-addition' of https://github.com/openappsec/open-appsec-npm into open-appsec-addition

README.md

@@ -1,7 +1,8 @@
 # open-appsec NPM Proxy Manager integration (beta)
 
 This is the repository for the beta release of the new integration of open-appsec WAF with NGINX Proxy Manager.
-This will allow NGINX Proxy Manager (NPM) users to protect their web applications and web APIs exposed by NGINX Proxy Manager by easily activating and configuring open-appsec protection for each of the configured Proxy Host objects in NPM directly from the NPM Web UI and monitor security events.
+This will allow NGINX Proxy Manager (NPM) users to protect their web applications and web APIs exposed by NGINX Proxy Manager by easily activating and configuring open-appsec protection for each of the configured Proxy Host objects in NPM directly from the NPM Web UI and also to monitor security events.
+This new integration of open-appsec WAF with NGINX Proxy Manager not only closes the security gap caused by the soon end-of-life ModSecurity WAF, but provides a modern, strong protection alternative in form of open-appsec, a preemptive, machine-learning based, fully automatic WAF that does not rely on signatures at all.
 
 ### NGINX Proxy Manager
 Nginx Proxy Manager is a popular open-source project that simplifies the management of NGINX reverse proxy configurations, offering a user-friendly web-based interface for easy setup and maintenance. It was created by “jc21”.
@@ -24,13 +25,25 @@ Docs: 		    https://docs.openappsec.io
 
 
 ### Integration of open-appsec WAF with NGINX Proxy Manager:
-This new integration not only closes the security gap caused by the soon-end-of-life ModSecurity but provides a modern, strong protection alternative in the form of open-appsec, a preemptive, machine-learning-based, fully automatic WAF that does not rely on signatures at all.
+
-While developing this integration we focused on maximum simplicity to maintain the low entry barrier of the NGINX proxy manager (NPM) project.
+While developing this integration we focused on maximum simplicity to maintain the low entry barrier as a key design principle of the NGINX proxy manager (NPM) project, which we wanted in the same way to apply also to the addition of open-appsec.
-The actual deployment of NPM with open-appsec is performed using a slightly enhanced docker-compose file (see below) and configuring open-appsec can be done from an enhanced NPM Web UI interface to which the relevant configuration options for the open-appsec WAF, as well as an option to view the open-appsec logs, were added.
+
+The actual deployment of NPM with open-appsec is performed using a slightly enhanced docker compose file (see below) which also adds the open-appsec agent container to it, which will perform the actual security inspection.
+The NGINX proxy manager container deployed as part of the docker compose is using the “open-appsec-npm” image which is based on the regular NPM code but also adds the open-appsec attachment to it as an NGINX module, which enables the connection between the NGINX and the open-appsec Agent and e.g. provides the HTTP data for inspection to the Agent.
+The “open-appsec-npm” container also contains various NPM WebUI enhancements and the integration logic allowing the configuration, administration and monitoring of open-appsec.
+
+You can read more about open-appsec’s Technology here:
+https://www.openappsec.io/tech 
+
+After successful deployment you can then activate and configure open-appsec directly from the enhanced NPM Web UI interface to which the most relevant configuration options for the open-appsec WAF as well as an option to view the open-appsec logs have been added.
+
+The resulting architecture with the open-appsec Agent container and the NGINX Proxy Manager container then looks like this:
+
+[TBD ADD ARCHITECTURE IMAGE]
 
 Documentation: https://docs.openappsec.io/integrations/nginx-proxy-manager-integration
 
-# Deployment:
+# Deployment Step-by-Step:
 Before you start, make sure to have a Linux environment with Docker and Docker Compose available.
 To deploy NGINX Proxy Manager with open-appsec integration follow the steps below:
 1. Within the directory which you want to use for the deployment:
@@ -139,12 +152,12 @@ git clone https://github.com/openappsec/open-appsec-npm.git
 
 Change into the open-appsec-npm directory:
 ```
-cd open-appsec-npm/scripts/ci 
+cd open-appsec-npm
 ```
 
 Create a folder for the already compiled libraries for the open-appsec attachment:
 ```
-mkdir -r /docker/lib
+mkdir docker/lib
 ```
 
 Copy the following already compiled Attachment files (see "Prerequisites" above) into the docker/lib/ folder:

deployment/local_policy.yaml

@@ -42,6 +42,7 @@ log-triggers:
       enabled: true
       minimum-severity: high
       response-body: false
+      response-code: true
     appsec-logging:
       all-web-requests: false
       detect-events: true
@@ -49,8 +50,8 @@ log-triggers:
     extended-logging:
       http-headers: false
       request-body: false
-      url-path: false
+      url-path: true
-      url-query: false
+      url-query: true
     log-destination:
       cloud: false
       stdout: