Node/VM/EC2

Install and attach K2's Node.js Language Agent with your Node.js application hosted on Node/VM/EC2 for Runtime Self Application Protection.

Prerequisites

• Make sure you have created an account on K2 Portal(SaaS or On-Premises).

• Make sure you have installed K2 Agents as per your environment.

Please follow our step by step Protect Node.Js Application guide to complete above two prerequisites. Ignore if done already.

Protect Node.Js Application

Docker

Steps to protect Nodejs Web Application

• For Node JS applications, make sure you have Node (version 8.2 and later) installed.

• The Node language agent is placed at one of the following locations(a.k.a LANGUAGE_COLLECTORS_HOME) based on the agent installation,

  • In /opt/k2-ic if the installation of the agent is done via a privileged user(Eg. root).

  • In ${HOME}/k2-ic if the installation of the agent is done via an unprivileged user.

    • ${HOME} points to the home directory of the Linux user used to run the agent on the host.

  • In [sharable-directory]/k2-ic if a shareable-directory is configured in the env.properties file during the installation of the agent.

• For any containerized Node.js web application (Docker/K8s), the host path LANGUAGE_COLLECTORS_HOME is to be mounted at "/opt/k2-ic" inside the container with option 'z'.

• The NodeAgent can be statically attached to your application in the following ways:

  • Explicitly running the application with NodeAgent:

     $ node --require /opt/k2-ic/k2-njs-agent/ <main-module>                         

  OR

  • Add the following code as the first line of your app's main module:

    require('/opt/k2-ic/k2-njs-agent/k2');              

• To verify if the given application is protected by Prevent-Web, refer to the "Protected processes" subsection of the "Applications" page and locate the application based on name and node IP. The host namespace PID(in case of a host application) and container namespace PID(in case of a containerized application) can also be used to locate the protected application.

• You can check your application in Protected processes View under applications on K2 Portal. Alternatively, go to Applications | K2 Portal

Now your application is successfully registered with the K2 platform and hence protected.

Non-Docker

Steps to protect Nodejs Web Application

• For Node JS applications, make sure you have Node (version 8.2 and later) installed.

• The Node language agent is placed at one of the following locations(a.k.a LANGUAGE_COLLECTORS_HOME) based on the agent installation,

  • In /opt/k2-ic if the installation of the agent is done via a privileged user(Eg. root).

  • In ${HOME}/k2-ic if the installation of the agent is done via an unprivileged user.

    • ${HOME} points to the home directory of the Linux user used to run the agent on the host.

  • In [sharable-directory]/k2-ic if a shareable-directory is configured in the env.properties file during the installation of the agent.

• The NodeAgent can be statically attached to your application in the following ways:

  • Explicitly running the application with NodeAgent:

    $ node --require [LANGUAGE_COLLECTORS_HOME]/k2-njs-agent/ <main-module>       

  OR

  • Add the following code as the first line of your app's main module:

    require('[LANGUAGE_COLLECTORS_HOME]/k2-njs-agent/k2')

• To verify if the given application is protected by Prevent-Web, refer to the "Protected processes" subsection of the "Applications" page and locate the application based on name and node IP. The host namespace PID(in case of a host application) and container namespace PID(in case of a containerised application) can also be used to locate the protected application.

• You can check your application in Protected processes View under applications on K2 Portal. Alternatively, go to Applications | K2 Portal

Now your application is successfully registered with K2 platform and hence protected.