End of Sale Notice:

F5 NGINX is announcing the End of Sale (EoS) for NGINX Controller API Management Module, effective January 1, 2024.

F5 maintains generous lifecycle policies that allow customers to continue support and receive product updates. Existing NGINX Controller API- Management customers can continue to use the product past the EoS date. License renewals are not available after September 30, 2024.

See our End of Sale announcement for more details.
End of Sale Notice:

F5 NGINX is announcing the End of Sale (EoS) for NGINX Controller Application Delivery Module, effective January 1, 2024.

F5 maintains generous lifecycle policies that allow customers to continue support and receive product updates. Existing NGINX Controller Application Delivery customers can continue to use the product past the EoS date. License renewals are not available after September 30, 2024.

See our End of Sale announcement for more details.

Set Up App Security Monitor Mode

How to use F5 NGINX Controller App Security to monitor or block security violations.

Overview

You can use the F5 NGINX Controller REST API to enable or disable monitor-only mode for the App Security WAF policy.

Enable Monitor-Only Mode for App Security WAF

When monitor-only mode is enabled, traffic is allowed to pass without being rejected. However, security events are still generated and metrics are still collected. See About App Security Analytics for more information.

To enable monitor-only mode for App Security WAF, send a POST or PUT request to the Components endpoint, with a JSON object similar to the following:

{
  "metadata": {...},
  "desiredState": {
    "ingress": {...},
    "security": {
       "strategyRef": {
         "ref": "/security/strategies/policyName"
       },
       "waf": {
            "isEnabled": true,
            "isMonitorOnly": true
        }
    },
    "backend": {...},
    "logging": {...}
  }
}

Block Traffic Violations with App Security WAF

When monitor-only mode is disabled, traffic is blocked based on the Violation Rating score for the default policy.

To block traffic violations with App Security WAF, send a POST or PUT request to the /services/apps/components REST API endpoint, with a JSON object similar to the following:

{
  "metadata": {...},
  "desiredState": {
    "ingress": {...},
    "security": {
       "strategyRef": {
         "ref": "/security/strategies/policyName"
       },
        "waf": {
            "isEnabled": true,
            "isMonitorOnly": false
        }
    },
    "backend": {...},
    "logging": {...}
  }
}