feat: F5 dos for nginx 4.9#1863
Merged
Merged
Conversation
github-actions
Bot
added
documentation
✅ Deploy Preview will be available once build job completes!
|
…ent (#1871) * added Google site verification file for Google Search Console enablement * moved to /static --------- Co-authored-by: Lam Nguyen <la.nguyen@f5.com>
…r security monitoring (#1861) * docs(nginx-one): improve security monitoring setup verification - Clarify where to place the secops_dashboard logging directives in the NGINX configuration and expand the verification flow into a concrete end-to-end check using the Security Dashboard Event Logs tab. - Add labeled example test requests for common attack patterns (XSS, path traversal, SQL injection) so operators can generate sample security events while setting up the default blocking policy. Document that customized or transparent policies may alert instead of block. * docs(nginx-one): add local security monitoring troubleshooting guide - Add a new local data plane troubleshooting guide for NGINX One security monitoring to help customers diagnose why F5 WAF for NGINX security events do not appear in the dashboard after setup. - The new guide covers four checks: - invalid secops_dashboard log profile errors in the embedded collector log - port 1514 ownership for local syslog delivery - presence of the generated security log pipeline in the collector config - optional debug exporter configuration for collector-side verification Also update the main security monitoring setup guide to improve verification, add labeled example attack requests for generating test events, and link to the new troubleshooting workflow. Update the section landing page so the new guide is discoverable from the security monitoring docs. * Update content/nginx-one-console/waf-integration/waf-security-dashboard/local-dataplane-troubleshooting.md Update as recommended Co-authored-by: Travis Martin <33876974+travisamartin@users.noreply.github.com> * Apply suggestions from code review Co-authored-by: Travis Martin <33876974+travisamartin@users.noreply.github.com> --------- Co-authored-by: Travis Martin <33876974+travisamartin@users.noreply.github.com>
github-actions
Bot
added
product/nic
JTorreG
reviewed
Apr 30, 2026
JTorreG
reviewed
Apr 30, 2026
JTorreG
reviewed
Apr 30, 2026
JTorreG
reviewed
Apr 30, 2026
JTorreG
reviewed
Apr 30, 2026
JTorreG
reviewed
Apr 30, 2026
JTorreG
reviewed
Apr 30, 2026
JTorreG
reviewed
Apr 30, 2026
JTorreG
reviewed
Apr 30, 2026
JTorreG
reviewed
Apr 30, 2026
JTorreG
reviewed
Apr 30, 2026
JTorreG
reviewed
Apr 30, 2026
… for 4.9 release" This reverts commit dab3055.
Contributor
travisamartin
previously requested changes
Apr 30, 2026
Contributor
travisamartin
left a comment
travisamartin
left a comment
There was a problem hiding this comment.
Looks like some includes were added that aren't actually used.
One filename has two .. for the extension and should be renamed.
I had the Tech Writer agent add the requested metadata and do a copy edit on the new and touched files. Since there are a lot of suggested edits, I opened a new PR targeting this one. Take a look: #1905
- Add missing front matter: description, keywords, nd-summary - Fix sentence case: 'Post-installation checks', 'F5 DoS for NGINX arbitrator' - Fix 'should' → 'must' for JWT token and image repository requirements Addresses review comments from JTorreG on PR #1863. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Contributor
Author
Hi @JTorreG |
* docs(nap-dos): fix product names, metadata, and prose quality for 4.9 release
* docs(nap-dos): prose edit pass on 4.9 release files
- Fix product names throughout: 'App Protect DoS' and 'F5 DOS for NGINX'
replaced with correct 'F5 DoS for NGINX'
- Fix 'pre-requisites' → 'prerequisites', '(Purchased or trial)' → lowercase
- Remove first-person voice ('We will configure')
- Replace 'i.e.' with 'for example' throughout
- Fix grammar: 'Bugs fixing' → 'Bug fixes', 'prob.' → 'probe', 'its' → 'it is'
- Replace inline HTML (<br>, <span style=...>) with Markdown equivalents
- Replace hard-coded external links with internal ref shortcodes
- Fix 'Click' → 'Select' per style guide
- Fix heading levels: # Overview → ## Overview in license-secret.md
- Remove weak lead sentence ('This document explains...')
- Fix 'cannot' (was 'can not'), add missing Oxford comma
- Clean up trailing <br> tags from end-of-sentence positions
- Fix double space before 'In offline environments'
* chore: remove .style-guide submodule from PR
* docs(nap-dos): restore eBPF acronym expansion in best-practices
* docs(nap-dos): expand acronyms on first mention, fix remaining prose issues
- types-of-logs.md: rewrite Request Log section (missed in previous pass) —
fix 'App Protect DoS' x3, 'In order to', heading capitalisation, <br> tags
- installing...aws.md: remove last <span> HTML tag in step 4
- learn-about-deployment.md: fix remaining 'App Protect DoS' product name
- troubleshoot.md: expand XFF (X-Forwarded-For); expand ELK on first mention
- kubernetes-with-L4...md: expand eBPF (Extended Berkeley Packet Filter) on
first mention in prose
- dos-arbitrator.md: expand FQDN (fully qualified domain name); expand mTLS
(mutual TLS) on first mention
- learn-about-directives-and-policy.md: expand FQDN on first prose mention
* chore: remove .style-guide submodule from PR (again)
* Revisions to expanded acronyms
* fix(nic): update broken ref to subscription licenses topic
The /solutions/about-subscription-licenses.md file was reorganized into
a subdirectory. Update the ref to the correct path and anchor:
/solutions/about-subscription-licenses/getting-started.md#internet-connected
* chore(includes/dos): clean up front matter in dos includes
- Add nd-product: F5DOSN to dos-arbitrator.md and install-post-checks.md
- Add missing learn-about-deployment.md to dos-arbitrator.md nd-files list
- Remove invalid nd-docs: null from both files
* chore(includes/dos): add nd-product and nd-files front matter to all dos includes
- Add nd-product: F5DOSN to all includes missing it
- Add nd-files lists based on actual include usage in content files
- Remove invalid nd-docs: null from dos-entrypoint.md and dos-waf-entrypoint.md
- Fix dos-waf-entrypoint.md nd-files: only used in learn-about-deployment.md
- k8s_arbitrator files: nd-product only (not yet referenced in content)
- Replace hardcoded syslog IP 10.197.30.219:5261 with <syslog-server-ip>:<port>
placeholder in k8s_manifest and k8s_with_ebpf_manifest nginx-conf-configmap files
* fix(nap-dos): replace internal IP addresses with placeholders
Replace non-RFC-5737 example IP 10.197.30.219 (and typo 10.97.30.219)
with <SYSLOG_SERVER_IP> placeholder per sensitive-information.md guidance.
Affected files:
- content/includes/dos/k8s_manifest/dos-nginx-conf-configmap.md
- content/includes/dos/k8s_with_ebpf_manifest/dos-nginx-conf-configmap.md
- content/nap-dos/deployment-guide/best-practices.md (2 occurrences)
* fix(nap-dos): fix mixed named/positional call-out shortcode params
* chore(nap-dos): add nd-summary and expand short descriptions
* chore: remove unused k8s_arbitrator include files
The appprotect-dos-arb.md and svc-appprotect-dos-arb.md include files
in content/includes/dos/k8s_arbitrator/ are not referenced by any
page via the include shortcode, so they serve no purpose.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* chore(nap-dos): remove Helm install path and fix double-dot filename
- Remove the 'Use Helm to install' sections from kubernetes.md and
kubernetes-with-L4-accelerated-mitigation.md; only the manifest-based
install path remains
- Update front matter (description, keywords, nd-summary) to drop all
Helm references in both files
- Rename kubernetes-with-L4-accelerated-mitigation..md (double dot) to
kubernetes-with-L4-accelerated-mitigation.md (single dot)
- Update nd-files references in 18 include files under
content/includes/dos/ to point to the corrected filename
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
---------
Co-authored-by: r.nitzan@f5.com <r.nitzan@f5.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: Raanan <59834489+rnitzan@users.noreply.github.com>
Updated release date for version 4.9 and added NGINX Plus R37 support.
Co-authored-by: Jon Torre <78599298+JTorreG@users.noreply.github.com>
Co-authored-by: Jon Torre <78599298+JTorreG@users.noreply.github.com>
Co-authored-by: Jon Torre <78599298+JTorreG@users.noreply.github.com>
…section, fix typos - Add nd-files metadata to 8 dockerfile includes missing it - Delete unused rocky9-plus-dos-waf.md include - Remove Helm installation section (Helm support dropped) - Fix typos in manifest section (enviorment, anmae) - Fix Post-installation checks section (typos, incomplete sentence)
Resolve conflicts: rename nd-* metadata keys to f5-* prefix to align with main branch convention. Keep branch content and f5-files metadata.
Contributor
Author
|
Hi @JTorreG @travisamartin @mjang |
JTorreG
approved these changes
May 13, 2026
travisamartin
approved these changes
May 13, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
6 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Proposed changes
F5 Dos for NGINX v4.9 release over NGINX Plus R37
Checklist
Before sharing this pull request, I completed the following checklist:
Footnotes
Potentially sensitive information includes personally identify information (PII), authentication credentials, and live URLs. Refer to the style guide for guidance about placeholder content. ↩