[! WARNING] > This quickstart method is outdated. For the latest node installation, use the all-in-one installer instead https://docs.wallarm.com/installation/nginx/all-in-one/. >
This repository contains the Shell script that automates the Wallarm NGINX-based node deployment steps. The script has to be run on a server with one of the following supported Linux‑based operating system (OS):
- Debian 11.x (bullseye)
- Ubuntu 18.04 LTS (bionic)
- Ubuntu 20.04 LTS (focal)
- Ubuntu 22.04 LTS (jammy)
- CentOS 7.x
- AlmaLinux
- Rocky Linux
- Oracle Linux 8.x
This approach is recommended to be used only to try the product, it is not recommended for productions environments.
The Shell script getwallarm.sh used for Wallarm quick start performs the following steps:
-
Disable the SELinux mechanism if it is installed on the OS. Wallarm quick deployment is not compatible with active SELinux.
-
Install the latest stable version of NGINX from the NGINX official repository.
-
Install the Wallarm packages for both the Wallarm NGINX and postanalytics modules.
-
Run the filtering node using its token in the blocking mode.
-
Configure the local NGINX instance to act as a reverse proxy for the specified domain.
-
Send the following test requests:
-
GET request to
http://127.0.0.8/wallarm-statusto check the accessibility of the Wallarm statistics service. -
GET request to the NGINX instance address (port 80/TCP) to check the accessibility of the domain protected by Wallarm.
-
GET request containing malicious payload of the Path Traversal type to the NGINX instance address:
curl -H "Host: $DOMAIN_NAME" http://localhost/etc/passwdThe request should be blocked by the Wallarm node (the HTTP response code should be 403).
If the actual response is different from the expected one, the script returns the corresponding message.
-
-
Create an account in Wallarm Console using the link either for the US or EU Wallarm Cloud.
-
Create the Wallarm node in the Nodes section of the Wallarm Console UI.
-
Copy the generated token.
-
Install one of the supported OS listed below on your server. For the Wallarm node deployment to be completed successfully, please install the OS from the image/distributive with the basic package set and do not apply any additional configurations to the installed OS. The quick start script may not be able to handle the OS customizations (e.g. security hardening or additional configurations fitting your internal server management standards).
- Debian 11.x (bullseye)
- Ubuntu 18.04 LTS (bionic)
- Ubuntu 20.04 LTS (focal)
- Ubuntu 22.04 LTS (jammy)
- CentOS 7.x
- AlmaLinux
- Rocky Linux
- Oracle Linux 8.x
-
Connect to the server and become root user (e.g. by using command
sudo -i). -
Download the script getwallarm.sh by using one of the following commands:
If the curl command is available:
curl -o getwallarm.sh https://raw.githubusercontent.com/wallarm/quick-start/stable/4.6/getwallarm.shIf the wget command is available:
wget -O getwallarm.sh https://raw.githubusercontent.com/wallarm/quick-start/stable/4.6/getwallarm.sh -
Run the script passing the proper parameters:
sh getwallarm.sh -t <DEPLOY_TOKEN> -S <WALLARM_CLOUD> -n <WALLARM_NODE_NAME> -d <DOMAIN_NAME> -o <ORIGIN_SERVER>
Parameter Description Required? <DEPLOY_TOKEN>Wallarm node token copied from the Wallarm Console UI. Yes <WALLARM_CLOUD>Wallarm Cloud name being used. Possible values are eu(by default) andus1.No <WALLARM_NODE_NAME>Wallarm node name. By default, the script assigns the host name to the node.
The specified name can be changed in Wallarm Console → Nodes later.No <DOMAIN_NAME>The Wallarm filtering node will be configured to handle traffic for this domain. The value can be your company website or public API endpoint. If not sure about which domain name to use, you can always experiment with any public site (e.g. example.com).
Default value islocalhost.No <ORIGIN_SERVER>The Wallarm filtering node will be configured to send upstream requests to the specified IP address or domain name. If this parameter is not specified explicitly, the script uses the value of <DOMAIN_NAME>.No -
Ensure the script returned the message
We've completed the Wallarm node deployment process.If any errors occurred during the script execution, the script would return appropriate error messages.
-
Open Wallarm Console → Events section in the US Cloud or EU Cloud and make sure the Path Traversal attack is displayed in the list.
Wallarm node quick deployment is successfully completed!
To continue the product exploring, we recommend learning more about the following Wallarm features:
- Configuration of traffic filtration mode
- Blocking page and error code configuration
- Customizing the traffic filtration rules
- IP address whitelisting, blacklisting and greylisting
- System event notifications configured via native integrations with DevOps tools and triggers
When the Wallarm quick start is completed and basic features are explored, you are recommended to proceed to the production deployment.