> For the complete documentation index, see [llms.txt](https://waf-doc.inext.checkpoint.com/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://waf-doc.inext.checkpoint.com/how-to/upgrade-your-reverse-proxy-when-a-linux-nginx-agent-is-installed.md).

# Upgrade your Reverse Proxy when a Linux/NGINX agent is installed

One of the possible deployments for CloudGuard WAF is a Linux agent installed on top over a [supported Reverse Proxy](/getting-started/deploy-enforcement-point/linux.md).

If you wish to upgrade the Reverse Proxy while the agent is installed, follow the steps described in this documentation page.

## NGINX

#### Step 1: **Delete the agent module's load\_module line**

* Locate your nginx *modules* folder path by running:\
  nginx -V\
  and look for the value of the "--modules-path" parameter.\
  It is usually /usr/share/nginx/modules or /usr/lib/nginx/modules
* Via command line access to the machine with the NGINX server and the agent, edit the following file:\
  \&#xNAN;*/etc/nginx/nginx.conf*
* **Delete** the following line (look for the path located previously):\
  \&#xNAN;*load\_module /\<modules folder path>/ngx\_cp\_attachment\_module.so;*

#### Step 2: Comment out the agent module's configuration lines

* Edit all files in the paths */etc/nginx/conf.d/\** or */etc/nginx/sites\_enabled/\**
  * Comment out (add '#' in the beginning of the line) all the lines, if exist, that begin with:\
    \&#xNAN;*cp-nano-nginx-attachment*
* If you added manually additional lines in other server configuration files - comment them out as well.

#### Step 3: Run a test command

Run the command '*nginx -t*'. You should see it print out "*test is successful*".

#### Step 4: Upgrade the NGINX's software version

Run any commands you intended to run in order to upgrade the NGINX's software version

#### Step 5: Stop and start the agent, while triggering deployment of a new attachment

Run the following commands:\
\&#xNAN;*cpnano -q*\
*rm -rf /etc/cp/packages*\
*rm /etc/cp/conf/manifest.json*\
*cpnano -r*

#### Step 6: Verify the agent has restarted

After one minute that the agent has restarted successfully using the following command:\
\&#xNAN;*cpnano -s*

Last update status should state “Succeeded” and Last update should show a time in the scope of the last few minutes.

#### Step 7: Undo the changes done in step 2

Remove the "comment out" character ('#') from all the lines it was added to in step 2 (In the paths */etc/nginx/conf.d/\** or */etc/nginx/sites\_enabled/\** )

#### Step 8: NGINX reload

Run the following commands:\
\&#xNAN;*nginx -s reload*\
*systemctl restart nginx*


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter:

```
GET https://waf-doc.inext.checkpoint.com/how-to/upgrade-your-reverse-proxy-when-a-linux-nginx-agent-is-installed.md?ask=<question>&goal=<endgoal>
```

`ask` is the immediate question: it should be specific, self-contained, and written in natural language.
`goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal.

The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.
