Nemesida WAF modules and auxiliary components updating guide.

It is recommended to install updates to keep Nemesida WAF components up to date. In addition to the system environment, auxiliary PIP dependencies are required for the components to work.

Components update from the repository installed in the system by package manager (apt, yum or other).

Components without virtual environment

Python3 PIP dependencies for dynamic module Nemesida WAF (nwaf-dyn) and Nemesida AI MLC (nwaf-mlc) are updated as follows:

python3 -m pip install --upgrade pip
python3 -m pip freeze | sed -r 's|==.+||' > /tmp/requirements.txt
python3 -m pip install --upgrade --no-cache-dir -r /tmp/requirements.txt
rm /tmp/requirements.txt

It is recommended to restart server and check the components' status after updating:

# systemctl status nginx nwaf_update mla_main rabbitmq-server
# service mlc_main status

Components with virtual environment

Warning: updating may cause the Nemesida WAF crash.

Modules Nemesida WAF API (nwaf-api), Nemesida WAF Cabinet (nwaf-cabinet), Nemesida WAF Signtest (nwaf-st) and Nemesida WAF Scanner (nwaf-scanner) use virtual environment, that's why the updating of Python3 PIP dependencies is following:

  • For Nemesida WAF API:

    # /var/www/nw-api/pip_update.sh
    
  • For Nemesida WAF Cabinet:

    # /var/www/app/pip_update.sh
    
  • For Nemesida WAF Signtest:

    # /var/www/signtest/app/pip_update.sh
    # /var/www/signtest/api/pip_update.sh
    
  • For Nemesida WAF Scanner:

    # /opt/nws/pip_update.sh
    

It is recommended to restart server and check the components' status after updating:

  • For Nemesida WAF API:

    # systemctl status nw-api
    
  • For Nemesida WAF Cabinet:

    # systemctl status cabinet cabinet_ipinfo cabinet_attack_nottification cabinet_vts
    
  • For Nemesida WAF Signtest:

    # systemctl status signtest_ipinfo signtest_rlupd signtest_web signtest_api
    
  • For Nemesida WAF Scanner:

    # systemctl status nws
    

If there are errors in operation, it is recommended to return to the Python3 versions of the PIP dependencies included in the distributive as follows:

  • For Nemesida WAF API:

    # cd /var/www/nw-api/ && . venv/bin/activate && python3 -m pip install --no-cache-dir -r requirements.txt && deactivate && cd -
    
  • For Nemesida WAF Cabinet:

    # cd /var/www/app/ && . venv/bin/activate && python3 -m pip install --no-cache-dir -r requirements.txt && deactivate && cd -
    
  • For Nemesida WAF Signtest:

    # cd /var/www/signtest/api/ && . venv/bin/activate && python3 -m pip install --no-cache-dir -r requirements.txt && deactivate && cd -
    # cd /var/www/signtest/app/ && . venv/bin/activate && python3 -m pip install --no-cache-dir -r requirements.txt && deactivate && cd -
    
  • For Nemesida WAF Scanner:

    # cd /opt/nws/ && . venv/bin/activate && python3 -m pip install --no-cache-dir -r requirements.txt && deactivate && cd -