diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
index 3d6f1daf8..e8c87d6db 100644
--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
@@ -22,7 +22,7 @@
 # NGINX Agent
 content/nginx/nms/agent/*   @nginx/nginx-agent 
 
-# NGINX App Protect DoS
+# F5 DoS for NGINX
 content/nap-dos/*           @nginx/dos-docs-approvers
 
 # NGINX App Protect WAF
diff --git a/_banners/waf-oss-usage.md b/_banners/waf-oss-usage.md
new file mode 100644
index 000000000..abec9f383
--- /dev/null
+++ b/_banners/waf-oss-usage.md
@@ -0,0 +1,7 @@
+{{< banner "warning" "NGINX Open Source availability" >}}
+
+The guidance in this section is **only** applicable to F5 WAF for NGINX v5.
+
+For NGINX v4, you must use an [NGINX Plus]({{< ref "/waf/install/plus" >}}) deployment.
+
+{{< /banner >}}
\ No newline at end of file
diff --git a/cloudcannon.config.yml b/cloudcannon.config.yml
index 8aa064275..e6b2aa94a 100644
--- a/cloudcannon.config.yml
+++ b/cloudcannon.config.yml
@@ -88,8 +88,8 @@ collections_config:
   nap_dos:
     path: content/nap-dos
     output: true
-    name: NGINX App Protect DoS
-    description: Documentation for NGINX App Protect DoS
+    name: F5 DoS for NGINX
+    description: Documentation for F5 DoS for NGINX
     parse_branch_index: false
     icon: notes
     preview:
diff --git a/content/includes/nic/configuration/security.md b/content/includes/nic/configuration/security.md
index 4ade6e0cf..c7aae8062 100644
--- a/content/includes/nic/configuration/security.md
+++ b/content/includes/nic/configuration/security.md
@@ -34,7 +34,7 @@ By default, the ServiceAccount has access to all Secret resources in the cluster
 ### Configure root filesystem as read-only
 
 {{< call-out "caution"  >}}
- This feature is compatible with [NGINX App Protect WAFv5](https://docs.nginx.com/nginx-app-protect-waf/v5/). It is not compatible with [NGINX App Protect WAFv4](https://docs.nginx.com/nginx-app-protect-waf/v4/) or [NGINX App Protect DoS](https://docs.nginx.com/nginx-app-protect-dos/).
+ This feature is compatible with [NGINX App Protect WAFv5](https://docs.nginx.com/nginx-app-protect-waf/v5/). It is not compatible with [NGINX App Protect WAFv4](https://docs.nginx.com/nginx-app-protect-waf/v4/) or [F5 DoS for NGINX](https://docs.nginx.com/nginx-app-protect-dos/).
 {{< /call-out >}}
 
 NGINX Ingress Controller is designed to be resilient against attacks in various ways, such as running the service as non-root to avoid changes to files. We recommend setting filesystems on all containers to read-only, this includes `nginx-ingress-controller`, though also includes `waf-enforcer` and `waf-config-mgr` when NGINX App Protect WAFv5 is in use.  This is so that the attack surface is further reduced by limiting changes to binaries and libraries.
diff --git a/content/includes/nic/rbac/set-up-rbac.md b/content/includes/nic/rbac/set-up-rbac.md
index eaf9a6c6f..03a7727f7 100644
--- a/content/includes/nic/rbac/set-up-rbac.md
+++ b/content/includes/nic/rbac/set-up-rbac.md
@@ -18,7 +18,7 @@ nd-docs: DOCS-1468
 
 <br>
 
-If you're planning to use NGINX App Protect or NGINX App Protect DoS, additional roles and bindings are needed.
+If you're planning to use NGINX App Protect or F5 DoS for NGINX, additional roles and bindings are needed.
 
 1. (NGINX App Protect only) Create the *App Protect* role and binding:
 
@@ -26,7 +26,7 @@ If you're planning to use NGINX App Protect or NGINX App Protect DoS, additional
     kubectl apply -f deployments/rbac/ap-rbac.yaml
     ```
 
-2. (NGINX App Protect DoS only) Create the *App Protect DoS* role and binding:
+2. (F5 DoS for NGINX only) Create the *App Protect DoS* role and binding:
 
     ```shell
     kubectl apply -f deployments/rbac/apdos-rbac.yaml
diff --git a/content/includes/waf/install-next-steps.md b/content/includes/waf/install-next-steps.md
new file mode 100644
index 000000000..9d2214743
--- /dev/null
+++ b/content/includes/waf/install-next-steps.md
@@ -0,0 +1,10 @@
+---
+nd-docs:
+---
+
+Once you have successfully installed F5 WAF for NGINX, there are some topics you may want to follow afterwards:
+
+- [Configure policies]({{< ref "/waf/policies/configuration.md" >}}), to begin customizing your deployment
+- [IP intelligence]({{< ref "/waf/policies/ip-intelligence.md">}}), for the extra steps to enable the IP intelligence feature
+- [Converter tools]({{< ref "/waf/tools/converters.md" >}}), to convert existing resources from a BIG-IP environment
+- [Changelog]({{< ref "/waf/changelog.md" >}}), to view information from the latest releases
\ No newline at end of file
diff --git a/content/includes/waf/install-post-checks.md b/content/includes/waf/install-post-checks.md
new file mode 100644
index 000000000..8fea8b4cf
--- /dev/null
+++ b/content/includes/waf/install-post-checks.md
@@ -0,0 +1,61 @@
+---
+nd-docs:
+---
+
+Use the following steps to ensure that F5 WAF for NGINX enforcement is operational.
+
+Check that the three processes for F5 WAF for NGINX are running using `ps aux`:
+
+- _bd-socket-plugin_
+- _nginx: master process_
+- _nginx: worker process_
+
+```shell
+USER       PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
+root         8  1.3  2.4 3486948 399092 ?      Sl   09:11   0:02 /usr/share/ts/bin/bd-socket-plugin tmm_count 4 proc_cpuinfo_cpu_mhz 2000000 total_xml_memory 307200000 total_umu_max_size 3129344 sys_max_account_id 1024 no_static_config
+root        14  0.0  0.1  71060 26680 ?        S    09:11   0:00 nginx: master process /usr/sbin/nginx -c /tmp/policy/test_nginx.conf -g daemon off;
+root        26  0.0  0.3  99236 52092 ?        S    09:12   0:00 nginx: worker process
+root        28  0.0  0.0  11788  2920 pts/0    Ss   09:12   0:00 bash
+root        43  0.0  0.0  47460  3412 pts/0    R+   09:14   0:00 ps aux
+```
+
+Verify there are no errors in the file `/var/log/nginx/error.log` and that the policy compiled successfully:
+
+```none
+2020/05/10 13:21:04 [notice] 402#402: APP_PROTECT { "event": "configuration_load_start", "configSetFile": "/opt/f5waf/config/config_set.json" }
+2020/05/10 13:21:04 [notice] 402#402: APP_PROTECT policy 'app_protect_default_policy' from: /etc/app_protect/conf/NginxDefaultPolicy.json compiled successfully
+2020/05/10 13:21:04 [notice] 402#402: APP_PROTECT { "event": "configuration_load_success", "software_version": "1.1.1", "attack_signatures_package":{"revision_datetime":"2019-07-16T12:21:31Z"},"completed_successfully":true}
+2020/05/10 13:21:04 [notice] 402#402: using the "epoll" event method
+2020/05/10 13:21:04 [notice] 402#402: nginx/1.17.6 (nginx-plus-r20)
+2020/05/10 13:21:04 [notice] 402#402: built by gcc 4.8.5 20150623 (Red Hat 4.8.5-36) (GCC)
+2020/05/10 13:21:04 [notice] 402#402: OS: Linux 3.10.0-957.27.2.el7.x86_64
+2020/05/10 13:21:04 [notice] 402#402: getrlimit(RLIMIT_NOFILE): 1048576:1048576
+2020/05/10 13:21:04 [notice] 406#406: start worker processes
+2020/05/10 13:21:04 [notice] 406#406: start worker process 407
+```
+
+Check that sending an attack signature in a request returns a response block page containing a support ID:
+
+```shell
+Request:
+http://10.240.185.211/?a=<script>
+
+Response:
+The requested URL was rejected. Please consult with your administrator.
+
+Your support ID is: 9847191526422998597
+
+[Go Back]
+```
+
+If your policy includes JSON/XML profiles, check `/var/log/app_protect/bd-socket-plugin.log` for possible errors:
+
+```shell
+grep '|ERR' /var/log/app_protect/bd-socket-plugin.log
+```
+
+Verify that Enforcement functionality is working by checking the following request is rejected:
+
+```shell
+curl "localhost/<script>"
+```
\ No newline at end of file
diff --git a/content/includes/waf/install-services-compose.md b/content/includes/waf/install-services-compose.md
new file mode 100644
index 000000000..269d09205
--- /dev/null
+++ b/content/includes/waf/install-services-compose.md
@@ -0,0 +1,54 @@
+---
+nd-docs:
+---
+
+Create a _docker-compose.yml_ file with the following contents in your host environment, replacing image tags as appropriate:
+
+```yaml
+services:
+  waf-enforcer:
+    container_name: waf-enforcer
+    image: waf-enforcer:5.2.0
+    environment:
+      - ENFORCER_PORT=50000
+    ports:
+      - "50000:50000"
+    volumes:
+      - /opt/app_protect/bd_config:/opt/app_protect/bd_config
+    networks:
+      - waf_network
+    restart: always
+
+  waf-config-mgr:
+    container_name: waf-config-mgr
+    image: waf-config-mgr:5.2.0
+    volumes:
+      - /opt/app_protect/bd_config:/opt/app_protect/bd_config
+      - /opt/app_protect/config:/opt/app_protect/config
+      - /etc/app_protect/conf:/etc/app_protect/conf
+    restart: always
+    network_mode: none
+    depends_on:
+      waf-enforcer:
+        condition: service_started
+
+networks:
+  waf_network:
+    driver: bridge
+```
+
+{{< call-out "caution" >}}
+
+In some operating systems, security mechanisms like SELinux or AppArmor are enabled by default, potentially blocking necessary file access for the nginx process and waf-config-mgr and waf-enforcer containers.
+
+To ensure NGINX App Protect WAF operates smoothly without compromising security, consider setting up a custom SELinux policy or AppArmor profile. 
+
+For short-term troubleshooting, you may use permissive (SELinux) or complain (AppArmor) mode to avoid these restrictions, but this is inadvisable for prolonged use.
+
+{{< /call-out >}}
+
+To start the F5 WAF for NGINX services, use `docker compose up` in the same folder as the _docker-compose.yml_ file:
+
+```shell
+sudo docker compose up -d
+```
\ No newline at end of file
diff --git a/content/includes/waf/install-services-docker.md b/content/includes/waf/install-services-docker.md
new file mode 100644
index 000000000..1ef39930e
--- /dev/null
+++ b/content/includes/waf/install-services-docker.md
@@ -0,0 +1,25 @@
+---
+nd-docs:
+---
+
+{{< call-out "warning" >}}
+
+This section **only** applies to V5 packages. 
+
+Skip to [Post-installation checks](#post-installation-checks) if you're using a V4 package.
+
+{{< /call-out>}}
+
+F5 WAF for NGINX uses Docker containers for its services when installed with a V5 package, which requires some extra set-up steps.
+
+First, create new directories for the services:
+
+```shell
+sudo mkdir -p /opt/app_protect/config /opt/app_protect/bd_config
+```
+
+Then assign new owners, with `101:101` as the default UID/GID
+
+```shell
+sudo chown -R 101:101 /opt/app_protect/
+```
\ No newline at end of file
diff --git a/content/includes/waf/install-services-images.md b/content/includes/waf/install-services-images.md
new file mode 100644
index 000000000..f7a01d2a9
--- /dev/null
+++ b/content/includes/waf/install-services-images.md
@@ -0,0 +1,12 @@
+---
+nd-docs:
+---
+
+Download the `waf-enforcer` and `waf-config-mgr` images. 
+
+Replace `5.2.0` with the release version you are deploying.
+
+```shell
+docker pull private-registry.nginx.com/nap/waf-enforcer:5.2.0
+docker pull private-registry.nginx.com/nap/waf-config-mgr:5.2.0
+```
\ No newline at end of file
diff --git a/content/includes/waf/install-services-registry.md b/content/includes/waf/install-services-registry.md
new file mode 100644
index 000000000..596f50bed
--- /dev/null
+++ b/content/includes/waf/install-services-registry.md
@@ -0,0 +1,11 @@
+---
+nd-docs:
+---
+
+Create a directory and copy your certificate and key to this directory:
+
+```shell
+mkdir -p /etc/docker/certs.d/private-registry.nginx.com
+cp <path-to-your-nginx-repo.crt> /etc/docker/certs.d/private-registry.nginx.com/client.cert
+cp <path-to-your-nginx-repo.key> /etc/docker/certs.d/private-registry.nginx.com/client.key
+```
\ No newline at end of file
diff --git a/content/includes/waf/install-update-configuration.md b/content/includes/waf/install-update-configuration.md
new file mode 100644
index 000000000..3cff1c2f3
--- /dev/null
+++ b/content/includes/waf/install-update-configuration.md
@@ -0,0 +1,127 @@
+---
+nd-docs:
+---
+
+Once you have installed F5 WAF for NGINX, you must load it as a module in the main context of your NGINX configuration.
+
+```nginx
+load_module modules/ngx_http_app_protect_module.so;
+```
+
+The Enforcer address must be added at the _http_ context:
+
+```nginx
+app_protect_enforcer_address 127.0.0.1:50000;
+```
+
+And finally, F5 WAF for NGINX can enabled on a _http_, _server_ or _location_ context:
+
+```nginx
+app_protect_enable on;
+```
+
+{{< call-out "warning" >}}
+
+You should only enable F5 WAF for NGINX on _proxy_pass_ and _grpc_pass_ locations.
+
+{{< /call-out >}}
+
+Here are two examples of how these additions could look in configuration files:
+
+{{<tabs name="example-configuration-files">}}
+
+{{% tab name="nginx.conf" %}}
+
+`/etc/nginx/nginx.conf`
+
+```nginx
+user  nginx;
+worker_processes  auto;
+
+# NGINX App Protect WAF
+load_module modules/ngx_http_app_protect_module.so;
+
+error_log  /var/log/nginx/error.log notice;
+pid        /var/run/nginx.pid;
+
+events {
+    worker_connections  1024;
+}
+
+http {
+    include       /etc/nginx/mime.types;
+    default_type  application/octet-stream;
+
+    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
+                    '$status $body_bytes_sent "$http_referer" '
+                    '"$http_user_agent" "$http_x_forwarded_for"';
+
+    access_log  /var/log/nginx/access.log  main;
+
+    sendfile        on;
+    #tcp_nopush     on;
+
+    keepalive_timeout  65;
+
+    #gzip  on;
+
+    # NGINX App Protect WAF
+    app_protect_enforcer_address 127.0.0.1:50000;
+
+    include /etc/nginx/conf.d/*.conf;
+}
+```
+
+
+{{% /tab %}}
+
+{{% tab name="default.conf" %}}
+
+`/etc/nginx/conf.d/default.conf`
+
+```nginx
+server {
+    listen 80;
+    server_name domain.com;
+
+    proxy_http_version 1.1;
+
+    location / {
+
+        # NGINX App Protect WAF
+        app_protect_enable on;
+
+        client_max_body_size 0;
+        default_type text/html;
+        proxy_pass http://127.0.0.1:8080/;
+    }
+}
+
+server {
+    listen 8080;
+    server_name localhost;
+
+    location / {
+        root /usr/share/nginx/html;
+        index index.html index.htm;
+    }
+
+    # redirect server error pages to the static page /50x.html
+    #
+    error_page 500 502 503 504 /50x.html;
+    location = /50x.html {
+        root /usr/share/nginx/html;
+    }
+}
+```
+
+{{% /tab %}}
+
+{{< /tabs >}}
+
+Once you have updated your configuration files, you can reload NGINX to apply the changes. You have two options depending on your environment:
+
+- `nginx -s reload`
+- `sudo systemctl reload nginx`
+
+If you are using a V4 package, you have finished installing F5 WAF for NGINX and can look at [Post-installation checks](#post-installation-checks).
diff --git a/content/includes/waf/policy.html b/content/includes/waf/policy.html
new file mode 100644
index 000000000..a3c8e9a88
--- /dev/null
+++ b/content/includes/waf/policy.html
@@ -0,0 +1,6788 @@
+<style>
+  table, th, td {
+    border: 1px solid black;
+  }
+  td {
+    padding:5px;
+  }
+</style>
+
+<h1 id="policy">policy</h1>
+<table>
+<colgroup>
+<col style="width: 23%" />
+<col style="width: 5%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Reference</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><a href="#policy/access-profiles">access-profiles</a></td>
+<td>Yes</td>
+<td>array of objects</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>applicationLanguage</code></td>
+<td>No</td>
+<td>string</td>
+<td>The character encoding for the application. The character encoding determines how the policy processes the character sets. The default is utf-8.</td>
+<td><ul>
+<li>big5</li>
+<li>euc-jp</li>
+<li>euc-kr</li>
+<li>gb18030</li>
+<li>gb2312</li>
+<li>gbk</li>
+<li>iso-8859-1</li>
+<li>iso-8859-10</li>
+<li>iso-8859-13</li>
+<li>iso-8859-15</li>
+<li>iso-8859-16</li>
+<li>iso-8859-2</li>
+<li>iso-8859-3</li>
+<li>iso-8859-4</li>
+<li>iso-8859-5</li>
+<li>iso-8859-6</li>
+<li>iso-8859-7</li>
+<li>iso-8859-8</li>
+<li>iso-8859-9</li>
+<li>koi8-r</li>
+<li>shift_jis</li>
+<li>utf-8</li>
+<li>windows-1250</li>
+<li>windows-1251</li>
+<li>windows-1252</li>
+<li>windows-1253</li>
+<li>windows-1255</li>
+<li>windows-1256</li>
+<li>windows-1257</li>
+<li>windows-874</li>
+</ul></td>
+</tr>
+<tr class="odd">
+<td><a href="#policy/blocking-settings">blocking-settings</a></td>
+<td>Yes</td>
+<td>object</td>
+<td>This section defines policy block/alarm behaviors.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><a href="#policy/bot-defense">bot-defense</a></td>
+<td>Yes</td>
+<td>object</td>
+<td>This section defines the properties of the bot defense feature.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><a href="#policy/browser-definitions">browser-definitions</a></td>
+<td>Yes</td>
+<td>array of objects</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><a href="#policy/brute-force-attack-preventions">brute-force-attack-preventions</a></td>
+<td>Yes</td>
+<td>array of objects</td>
+<td>Defines configuration for Brute Force Protection feature. There is default configuration (one with bruteForceProtectionForAllLoginPages flag and without url) that applies to all configured login URLs unless there exists another brute force configuration for a specific login page.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>caseInsensitive</code></td>
+<td>No</td>
+<td>boolean</td>
+<td>Specifies whether the security policy treats microservice URLs, file types, URLs, and parameters as case sensitive or not. When this setting is enabled, the system stores these security policy elements in lowercase in the security policy configuration.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><a href="#policy/character-sets">character-sets</a></td>
+<td>Yes</td>
+<td>array of objects</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><a href="#policy/cookie-settings">cookie-settings</a></td>
+<td>Yes</td>
+<td>object</td>
+<td>The maximum length of a cookie header name and value that the system processes. The system calculates and enforces a cookie header length based on the sum of the length of the cookie header name and value.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><p><a href="#policy/cookies">cookies</a></p></td>
+<td><p>Yes</p></td>
+<td><p>array of objects</p></td>
+<td><p>This section defines Cookie entities for your policy. You can specify the cookies that you want to allow, and the ones you want to enforce in a security policy:</p>
+<blockquote>
+<ul>
+<li><strong>Allowed cookies</strong>: The system allows these cookies and clients can change them.</li>
+<li><strong>Enforced cookies</strong>: The system enforces the cookies in the list (not allowing clients to change them) and allows clients to change all others.</li>
+</ul>
+</blockquote></td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><a href="#policy/csrf-protection">csrf-protection</a></td>
+<td>Yes</td>
+<td>object</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><a href="#policy/csrf-urls">csrf-urls</a></td>
+<td>Yes</td>
+<td>array of objects</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><a href="#policy/data-guard">data-guard</a></td>
+<td>Yes</td>
+<td>object</td>
+<td>Data Guard feature can prevent responses from exposing sensitive information by masking the data.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>description</code></td>
+<td>No</td>
+<td>string</td>
+<td>Specifies the description of the policy.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><a href="#policy/disallowed-geolocations">disallowed-geolocations</a></td>
+<td>Yes</td>
+<td>array of objects</td>
+<td>Specifies a list of countries that may not access the web application.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>enforcementMode</code></td>
+<td>No</td>
+<td>string</td>
+<td><dl>
+<dt>How the system processes a request that triggers a security policy violation.</dt>
+<dd><ul>
+<li><strong>Blocking:</strong> When the enforcement mode is set to blocking, traffic is blocked if it causes a violation (configured for blocking).</li>
+<li><strong>Transparent:</strong> When the enforcement mode is set to transparent, traffic is not blocked even if a violation is triggered.</li>
+</ul>
+</dd>
+</dl></td>
+<td><ul>
+<li>blocking</li>
+<li>transparent</li>
+</ul></td>
+</tr>
+<tr class="odd">
+<td><a href="#policy/enforcer-settings">enforcer-settings</a></td>
+<td>Yes</td>
+<td>object</td>
+<td>This section contains all enforcer settings.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><p><a href="#policy/filetypes">filetypes</a></p></td>
+<td><p>Yes</p></td>
+<td><p>array of objects</p></td>
+<td><p>File types are categorization of the URLs in the request by the extension appearing past the last dot at the end of the URL. For example, the file type of /index.php is "php". Other well known file types are html, aspx, png, jpeg and many more. A special case is the "empty" file type called "no-ext" meaning, no extension in which the URL has no dot at its last segment as in /foo_no_dot</p>
+<p>File types usually imply the expected content type in the response. For example, html and php return HTML content, while jpeg, png and gif return images, each in its respective format. File types also imply the server technology deployed for rendering the page. For example, php (PHP), aspx (ASP) and many others.</p>
+<p>The security policy uses file types for several purposes:</p>
+<p>1. Ability to define which file types are allowed and which are disallowed. By including the pure wildcard "*" file type and a list of disallowed file types you have a file type denylist. By having a list of explicit file type <em>without</em> the pure wildcard "*" you have a file type allowlist.</p>
+<ol start="2" type="1">
+<li>Each file type implies maximum <em>length restrictions</em> for the requests of that file type. The checked lengths are per the URL, Query String, total request length, and payload (POST data).</li>
+<li>Each file type determines whether to detect <em>response signatures</em> for requests of that file type. Typically, one would never check signatures for image file types.</li>
+</ol></td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>fullPath</code></td>
+<td>No</td>
+<td>string</td>
+<td>The full name of the policy including partition.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><a href="#policy/general">general</a></td>
+<td>Yes</td>
+<td>object</td>
+<td>This section includes several advanced policy configuration settings.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><a href="#policy/graphql-profiles">graphql-profiles</a></td>
+<td>Yes</td>
+<td>array of objects</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><a href="#policy/grpc-profiles">grpc-profiles</a></td>
+<td>Yes</td>
+<td>array of objects</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><a href="#policy/header-settings">header-settings</a></td>
+<td>Yes</td>
+<td>object</td>
+<td>The maximum length of an HTTP header name and value that the system processes. The system calculates and enforces the HTTP header length based on the sum of the length of the HTTP header name and value.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><a href="#policy/headers">headers</a></td>
+<td>Yes</td>
+<td>array of objects</td>
+<td>This section defines Header entities for your policy.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><a href="#policy/host-names">host-names</a></td>
+<td>Yes</td>
+<td>array of objects</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><a href="#policy/idl-files">idl-files</a></td>
+<td>Yes</td>
+<td>array of objects</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><a href="#policy/ip-address-lists">ip-address-lists</a></td>
+<td>Yes</td>
+<td>array of objects</td>
+<td>An IP address list is a list of IP addresses that you want the system to treat in a specific way for a security policy.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><a href="#policy/ip-intelligence">ip-intelligence</a></td>
+<td>Yes</td>
+<td>object</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><a href="#policy/json-profiles">json-profiles</a></td>
+<td>Yes</td>
+<td>array of objects</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><a href="#policy/json-validation-files">json-validation-files</a></td>
+<td>Yes</td>
+<td>array of objects</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><a href="#policy/login-enforcement">login-enforcement</a></td>
+<td>Yes</td>
+<td>object</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><a href="#policy/login-pages">login-pages</a></td>
+<td>Yes</td>
+<td>array of objects</td>
+<td>A login page is a URL in a web application that requests must pass through to get to the authenticated URLs. Use login pages, for example, to prevent forceful browsing of restricted parts of the web application, by defining access permissions for users. Login pages also allow session tracking of user sessions.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><a href="#policy/methods">methods</a></td>
+<td>Yes</td>
+<td>array of objects</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>name</code></td>
+<td>No</td>
+<td>string</td>
+<td>The unique user-given name of the policy. Policy names cannot contain spaces or special characters. Allowed characters are a-z, A-Z, 0-9, dot, dash (-), colon (:) and underscore (_).</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><a href="#policy/open-api-files">open-api-files</a></td>
+<td>Yes</td>
+<td>array of objects</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><a href="#policy/override-rules">override-rules</a></td>
+<td>Yes</td>
+<td>array of objects</td>
+<td>This section defines policy override rules.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><a href="#policy/parameters">parameters</a></td>
+<td>Yes</td>
+<td>array of objects</td>
+<td>This section defines parameters that the security policy permits in requests.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>performStaging</code></td>
+<td>No</td>
+<td>boolean</td>
+<td>Determines staging handling for all applicable entities in the policy, such as signatures, URLs, parameters, and cookies. If disabled, all entities will be enforced and any violations triggered will be considered illegal.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><a href="#policy/response-pages">response-pages</a></td>
+<td>Yes</td>
+<td>array of objects</td>
+<td>The Security Policy has a default blocking response page that it returns to the client when the client request, or the web server response, is blocked by the security policy. You can change the way the system responds to blocked requests. All default response pages contain a variable, &lt;%TS.request.ID()%&gt;, that the system replaces with a support ID number when it issues the page.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><a href="#policy/sensitive-parameters">sensitive-parameters</a></td>
+<td>Yes</td>
+<td>array of objects</td>
+<td>This section defines sensitive parameters. The contents of these parameters are not visible in logs nor in the user interfaces. Instead of actual values a string of asterisks is shown for these parameters. Use these parameters to protect sensitive user input, such as a password or a credit card number, in a validated request. A parameter name of "password" is always defined as sensitive by default.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><a href="#policy/server-technologies">server-technologies</a></td>
+<td>Yes</td>
+<td>array of objects</td>
+<td>The server technology is a server-side application, framework, web server or operating system type that is configured in the policy in order to adapt the policy to the checks needed for the respective technology.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><a href="#policy/signature-requirements">signature-requirements</a></td>
+<td>Yes</td>
+<td>array of objects</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><a href="#policy/signature-sets">signature-sets</a></td>
+<td>Yes</td>
+<td>array of objects</td>
+<td>Defines behavior when signatures found within a signature-set are detected in a request. Settings are culmulative, so if a signature is found in any set with block enabled, that signature will have block enabled.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><a href="#policy/signature-settings">signature-settings</a></td>
+<td>Yes</td>
+<td>object</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><a href="#policy/signatures">signatures</a></td>
+<td>Yes</td>
+<td>array of objects</td>
+<td>This section defines the properties of a signature on the policy.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><a href="#policy/template">template</a></td>
+<td>Yes</td>
+<td>object</td>
+<td>Specifies the template to populate the default attributes of a new policy.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><a href="#policy/threat-campaigns">threat-campaigns</a></td>
+<td>Yes</td>
+<td>array of objects</td>
+<td>This section defines the enforcement state for the threat campaigns in the security policy.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><a href="#policy/urls">urls</a></td>
+<td>Yes</td>
+<td>array of objects</td>
+<td>In a security policy, you can manually specify the HTTP URLs that are allowed (or disallowed) in traffic to the web application being protected. When you create a security policy, wildcard URLs of * (representing all HTTP URLs) are added to the Allowed HTTP URLs lists.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>wafEngineVersion</code></td>
+<td>No</td>
+<td>string</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><a href="#policy/xml-profiles">xml-profiles</a></td>
+<td>Yes</td>
+<td>array of objects</td>
+<td></td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h2 id="policy/open-api-files">open-api-files</h2>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>link</code></td>
+<td>string</td>
+<td></td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h2 id="policy/template">template</h2>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>derivedFrom</code></td>
+<td>string</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>name</code></td>
+<td>string</td>
+<td>Specifies the name of the template used for the policy creation.</td>
+<td><ul>
+<li>POLICY_TEMPLATE_NGINX_BASE</li>
+</ul></td>
+</tr>
+</tbody>
+</table>
+<h2 id="policy/access-profiles">access-profiles</h2>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>description</code></td>
+<td>string</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>enforceMaximumLength</code></td>
+<td>boolean</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>enforceValidityPeriod</code></td>
+<td>boolean</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><a href="#policy/access-profiles/keyFiles">keyFiles</a></td>
+<td>array of objects</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><a href="#policy/access-profiles/location">location</a></td>
+<td>object</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>maximumLength</code></td>
+<td>integer</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>name</code></td>
+<td>string</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>type</code></td>
+<td>string</td>
+<td></td>
+<td><ul>
+<li>jwt</li>
+</ul></td>
+</tr>
+<tr class="odd">
+<td><a href="#policy/access-profiles/usernameExtraction">usernameExtraction</a></td>
+<td>object</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>verifyDigitalSignature</code></td>
+<td>boolean</td>
+<td></td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h3 id="policy/access-profiles/keyFiles">keyFiles</h3>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>contents</code></td>
+<td>string</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>fileName</code></td>
+<td>string</td>
+<td></td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h3 id="policy/access-profiles/location">location</h3>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>in</code></td>
+<td>string</td>
+<td></td>
+<td><ul>
+<li>header</li>
+<li>query</li>
+</ul></td>
+</tr>
+<tr class="even">
+<td><code>name</code></td>
+<td>string</td>
+<td></td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h3 id="policy/access-profiles/usernameExtraction">usernameExtraction</h3>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>claimPropertyName</code></td>
+<td>string</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>enabled</code></td>
+<td>boolean</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>isMandatory</code></td>
+<td>boolean</td>
+<td></td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h2 id="policy/blocking-settings">blocking-settings</h2>
+<table>
+<colgroup>
+<col style="width: 23%" />
+<col style="width: 5%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Reference</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><a href="#policy/blocking-settings_evasions">evasions</a></td>
+<td>Yes</td>
+<td>array of objects</td>
+<td>This section defines behavior of 'Evasion technique detected' (VIOL_EVASION) violation sub-violations. User can control which sub-violations are enabled (alarmed/blocked). Behavior of sub-violations depends on the block/alarm settings of 'Evasion technique detected' violation, defined in /policy/blocking-settings/violations section: - If both alarm and block are disabled - enable flag becomes irrelevant, since there will be no block/alarm for all sub-violations</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><a href="#policy/blocking-settings_http-protocols">http-protocols</a></td>
+<td>Yes</td>
+<td>array of objects</td>
+<td>This section defines behavior of 'HTTP protocol compliance failed' (VIOL_HTTP_PROTOCOL) violation sub-violations. User can control which sub-violations are enabled (alarmed/blocked). Behavior of sub-violations depends on the block/alarm settings of 'HTTP protocol compliance failed' violation, - If both alarm and block are disabled - enable flag becomes irrelevant, since there will be no block/alarm for all sub-violations</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><a href="#policy/blocking-settings_violations">violations</a></td>
+<td>Yes</td>
+<td>array of objects</td>
+<td></td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h2 id="policy/bot-defense">bot-defense</h2>
+<table>
+<colgroup>
+<col style="width: 23%" />
+<col style="width: 5%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Reference</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><a href="#policy/bot-defense_mitigations">mitigations</a></td>
+<td>Yes</td>
+<td>object</td>
+<td>This section defines the mitigation to each class or signature.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><a href="#policy/bot-defense_settings">settings</a></td>
+<td>Yes</td>
+<td>object</td>
+<td>This section contains all bot defense settings.</td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h2 id="policy/browser-definitions">browser-definitions</h2>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>isUserDefined</code></td>
+<td>boolean</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>matchRegex</code></td>
+<td>string</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>matchString</code></td>
+<td>string</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>name</code></td>
+<td>string</td>
+<td></td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h2 id="policy/brute-force-attack-preventions">brute-force-attack-preventions</h2>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>bruteForceProtectionForAllLoginPages</code></td>
+<td>boolean</td>
+<td>When enabled, enables Brute Force Protection for all configured login URLs. When disabled, only brute force configurations for specific login pages are applied in case they exist.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><a href="#policy/brute-force-attack-preventions/loginAttemptsFromTheSameIp">loginAttemptsFromTheSameIp</a></td>
+<td>object</td>
+<td>Specifies configuration for detecting brute force attacks from IP Address.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><a href="#policy/brute-force-attack-preventions/loginAttemptsFromTheSameUser">loginAttemptsFromTheSameUser</a></td>
+<td>object</td>
+<td>Specifies configuration for detecting brute force attacks for Username.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>reEnableLoginAfter</code></td>
+<td>integer minimum: 60 maximum: 90000</td>
+<td>Defines prevention period (measured in seconds) for source-based brute force attacks.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>sourceBasedProtectionDetectionPeriod</code></td>
+<td>integer minimum: 60 maximum: 90000</td>
+<td>Defines detection period (measured in seconds) for source-based brute force attacks.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><a href="#policy/urls">url</a></td>
+<td>object</td>
+<td>Reference to the URL used in login URL configuration (policy/login-pages). This login URL is protected by Brute Force Protection feature.</td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h3 id="policy/brute-force-attack-preventions/loginAttemptsFromTheSameIp">loginAttemptsFromTheSameIp</h3>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><p><code>action</code></p></td>
+<td><p>string</p></td>
+<td><p>Specifies action that is applied when defined threshold is reached.</p>
+<blockquote>
+<ul>
+<li><strong>alarm</strong>: The system will log the login attempt.</li>
+<li><strong>alarm-and-blocking-page</strong>: The system will log the login attempt, block the request and send the Blocking page.</li>
+<li><strong>alarm-and-captcha</strong>: The system determines whether the client is a legal browser operated by a human user by sending a CAPTCHA challenge. A login attempt is logged if the client successfully passes the CAPTCHA challenge.</li>
+<li><strong>alarm-and-client-side-integrity</strong>: The system determines whether the client is a legal browser or a bot by sending a page containing JavaScript code and waiting for a response. Legal browsers are able to execute JavaScript and produce a valid response, whereas bots cannot. A login attempt is logged if the client successfully passes the Client Side Integrity challenge.</li>
+<li><strong>alarm-and-drop</strong>: The system will log the login attempt and reset the TCP connection.</li>
+<li><strong>alarm-and-honeypot-page</strong>: The system will log the login attempt, block the request and send the Honeypot page. The Honeypot page is used for attacker deception. The page should look like an application failed login page. Unlike with the Blocking page, when the Honeypot page is sent an attacker is not able to distinguish a failed login response from a mitigation. As a result, the attacker will not change identity (Source IP or Device ID) and the brute force attack will be rendered ineffective. The Honeypot page is recommended when mitigation is request blocking.</li>
+</ul>
+</blockquote></td>
+<td><ul>
+<li>alarm</li>
+<li>alarm-and-blocking-page</li>
+</ul></td>
+</tr>
+<tr class="even">
+<td><code>enabled</code></td>
+<td>boolean</td>
+<td>When enabled, the system counts failed login attempts from IP Address.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>threshold</code></td>
+<td>integer minimum: 1 maximum: 1000</td>
+<td>After configured threshold (number of failed login attempts from IP Address) defined action will be applied for the next login attempt.</td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h3 id="policy/brute-force-attack-preventions/loginAttemptsFromTheSameUser">loginAttemptsFromTheSameUser</h3>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><p><code>action</code></p></td>
+<td><p>string</p></td>
+<td><p>Specifies action that is applied when defined threshold is reached.</p>
+<blockquote>
+<ul>
+<li><strong>alarm</strong>: The system will log the login attempt.</li>
+<li><strong>alarm-and-captcha</strong>: The system determines whether the client is a legal browser operated by a human user by sending a CAPTCHA challenge. A login attempt is logged if the client successfully passes the CAPTCHA challenge.</li>
+<li><strong>alarm-and-client-side-integrity</strong>: The system determines whether the client is a legal browser or a bot by sending a page containing JavaScript code and waiting for a response. Legal browsers are able to execute JavaScript and produce a valid response, whereas bots cannot. A login attempt is logged if the client successfully passes the Client Side Integrity challenge.</li>
+</ul>
+</blockquote></td>
+<td><ul>
+<li>alarm</li>
+</ul></td>
+</tr>
+<tr class="even">
+<td><code>enabled</code></td>
+<td>boolean</td>
+<td>When enabled, the system counts failed login attempts for each Username.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>threshold</code></td>
+<td>integer minimum: 1 maximum: 100</td>
+<td>After configured threshold (number of failed login attempts for each Username) defined action will be applied for the next login attempt.</td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h2 id="policy/character-sets">character-sets</h2>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><a href="#policy/character-sets/characterSet">characterSet</a></td>
+<td>array of objects</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>characterSetType</code></td>
+<td>string</td>
+<td></td>
+<td><ul>
+<li>header</li>
+<li>url</li>
+<li>parameter-name</li>
+<li>parameter-value</li>
+<li>xml-content</li>
+<li>json-content</li>
+</ul></td>
+</tr>
+</tbody>
+</table>
+<h3 id="policy/character-sets/characterSet">characterSet</h3>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>isAllowed</code></td>
+<td>boolean</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>metachar</code></td>
+<td>string</td>
+<td></td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h2 id="policy/cookie-settings">cookie-settings</h2>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>maximumCookieHeaderLength</code></td>
+<td><ul>
+<li>integer minimum: 1 maximum: 65536</li>
+<li>string</li>
+</ul></td>
+<td>Maximum Cookie Header Length must be greater than 0 and less than 65536 bytes (64K). Note: if 0 or <em>any</em> are set, then no restriction on the cookie header length is applied.</td>
+<td><ul>
+<li>Integer values</li>
+<li>"any"</li>
+</ul></td>
+</tr>
+</tbody>
+</table>
+<h2 id="policy/cookies">cookies</h2>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>accessibleOnlyThroughTheHttpProtocol</code></td>
+<td>boolean</td>
+<td>Specifies, when true, that the system adds the HttpOnly attribute to the domain cookie's response header. This is done to expose the cookie to only HTTP and HTTPS entities. This prevents the cookie from being modified, or intercepted even if it is not modified, by unwanted third parties that run scripts on the web page.
+<dl>
+<dt><strong>Notes</strong>:</dt>
+<dd><ul>
+<li>The system does not validate that the cookie has not been modified or intercepted.</li>
+<li>The feature covers all security policy cookies, both enforced and allowed, explicit and wildcard.</li>
+</ul>
+</dd>
+</dl></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>attackSignaturesCheck</code></td>
+<td>boolean</td>
+<td>Specifies, when true, that you want attack signatures and threat campaigns to be detected on this cookie and possibly override the security policy settings of an attack signature or threat campaign specifically for this cookie. After you enable this setting, the system displays a list of attack signatures and threat campaigns.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><p><code>decodeValueAsBase64</code></p></td>
+<td><p>string</p></td>
+<td><p>Specifies whether the the system should detect or require values to be Base64 encoded:</p>
+<blockquote>
+<ul>
+<li><strong>disabled</strong>: the value will not be decoded as Base64 content.</li>
+<li><strong>enabled</strong>: the value will be checked whether it can be decoded as Base64 and, if so, security checks will be performed on the decoded value.</li>
+<li><strong>required</strong>: the value must be decoded as Base64, and security checks will be performed on the decoded value.</li>
+</ul>
+<p><strong>Note</strong>: This setting is only relevant if the Cookie Enforcement Type is set to Allowed.</p>
+</blockquote></td>
+<td><ul>
+<li>disabled</li>
+<li>enabled</li>
+<li>required</li>
+</ul></td>
+</tr>
+<tr class="even">
+<td><p><code>enforcementType</code></p></td>
+<td><p>string</p></td>
+<td><p>Specifies how the system treats this cookie.</p>
+<blockquote>
+<ul>
+<li><strong>enforced</strong>: Specifies that according to the security policy, this cookie may not be changed by the client.</li>
+<li><strong>allowed</strong>: Specifies that according to the security policy, this cookie may be changed by the client. The system ignores this cookie.</li>
+</ul>
+</blockquote></td>
+<td><ul>
+<li>allow</li>
+<li>enforce</li>
+</ul></td>
+</tr>
+<tr class="odd">
+<td><p><code>insertSameSiteAttribute</code></p></td>
+<td><p>string</p></td>
+<td><p>The introduction of the SameSite http attribute (defined in [RFC6265bis](<a href="https://tools.ietf.org/html/draft-ietf-httpbis-cookie-same-site-00">https://tools.ietf.org/html/draft-ietf-httpbis-cookie-same-site-00</a>)) allows you to declare if your cookie should be restricted to a first-party or same-site context. Introducing the SameSite attribute on a cookie provides three different ways of controlling same-site vs. cross-site cookie sending:</p>
+<blockquote>
+<ul>
+<li><strong>strict</strong>: Cookie will only be sent in a first-party context. In user terms, the cookie will only be sent if the site for the cookie matches the site currently shown in the browser's URL bar.</li>
+<li><strong>lax</strong>: Cookies will be sent with top level navigation</li>
+<li><strong>none-value</strong>: Cookies will be sent in a third-party context.</li>
+</ul>
+</blockquote></td>
+<td><ul>
+<li>lax</li>
+<li>none</li>
+<li>none-value</li>
+<li>strict</li>
+</ul></td>
+</tr>
+<tr class="even">
+<td><code>maskValueInLogs</code></td>
+<td>boolean</td>
+<td>Specifies, when true, that the cookie's value will be masked in the request log.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><p><code>name</code></p></td>
+<td><p>string</p></td>
+<td><p>Specifies the cookie name as appearing in the http cookie header. The cookie name length is limited to 500 characters.</p>
+<p>Names can be one of the following according to the <em>type</em> attribute:</p>
+<blockquote>
+<ul>
+<li><strong>explicit</strong>: Specifies that the cookie has a specific name and is not a wildcard entity. Type the name of a cookie exactly as you expect it to appear in the request.</li>
+<li><strong>wildcard</strong>: Specifies that any cookie that matches the listed wildcard expression should be treated according to the wildcard attributes. Type a wildcard expression that matches the expected cookie. For example, the wildcard expression cookie_12* of type Enforced specifies that the security policy should not allow modified domain cookies for all cookies which match cookie_12*.</li>
+</ul>
+</blockquote>
+<p>The syntax for wildcard entities is based on shell-style wildcard characters. The list below describes the wildcard characters that you can use so that the entity name can match multiple objects.</p>
+<blockquote>
+<ul>
+<li><strong>*</strong>: Matches all characters</li>
+<li><strong>?</strong>: Matches any single character</li>
+<li><strong>[abcde]</strong>: Matches exactly one of the characters listed</li>
+<li><strong>[!abcde]</strong>: Matches any character not listed</li>
+<li><strong>[a-e]</strong>: Matches exactly one character in the range</li>
+<li><strong>[!a-e]</strong>: Matches any character not in the range</li>
+</ul>
+</blockquote>
+<p><strong>Note</strong>: Wildcards do not match regular expressions. Do not use a regular expression as a wildcard.</p></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>securedOverHttpsConnection</code></td>
+<td>boolean</td>
+<td>Specifies, when true, that the system adds the Secure attribute to the domain cookie's response header. This is done to ensure that the cookies are returned to the server only over SSL (by using the HTTPS protocol). This prevents the cookie from being intercepted, but does not guarantee its integrity.
+<dl>
+<dt><strong>Notes</strong>:</dt>
+<dd><ul>
+<li>The system does not validate that the cookie was received over SSL.</li>
+<li>The feature covers all security policy cookies, both enforced and allowed, explicit and wildcard.</li>
+</ul>
+</dd>
+</dl></td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><a href="#policy/cookies/signatureOverrides">signatureOverrides</a></td>
+<td>array of objects</td>
+<td>Array of signature overrides. Specifies attack signatures whose security policy settings are overridden for this cookie, and which action the security policy takes when it discovers a request for this cookie that matches these attack signatures.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>type</code></td>
+<td>string</td>
+<td>Determines the type of the <strong>name</strong> attribute. Only when setting the type to wildcard will the special wildcard characters in the name be interpreted as such.</td>
+<td><ul>
+<li>explicit</li>
+<li>wildcard</li>
+</ul></td>
+</tr>
+<tr class="odd">
+<td><code>wildcardOrder</code></td>
+<td>integer</td>
+<td>Specifies the order index for wildcard cookies matching. Wildcard cookies with lower wildcard order will get checked for a match prior to cookies with higher wildcard order.</td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h3 id="policy/cookies/signatureOverrides">signatureOverrides</h3>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>enabled</code></td>
+<td>boolean</td>
+<td>Specifies, when true, that the overridden signature is enforced</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>name</code></td>
+<td>string</td>
+<td>The signature name which, along with the signature tag, identifies the signature.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>signatureId</code></td>
+<td>integer</td>
+<td>The signature ID which identifies the signature.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>tag</code></td>
+<td>string</td>
+<td>The signature tag which, along with the signature name, identifies the signature.</td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h2 id="policy/csrf-protection">csrf-protection</h2>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>enabled</code></td>
+<td>boolean</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>expirationTimeInSeconds</code></td>
+<td><ul>
+<li>integer</li>
+<li>string</li>
+</ul></td>
+<td></td>
+<td><ul>
+<li>Integer values</li>
+<li>"disabled"</li>
+</ul></td>
+</tr>
+<tr class="odd">
+<td><code>sslOnly</code></td>
+<td>boolean</td>
+<td></td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h2 id="policy/csrf-urls">csrf-urls</h2>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>enforcementAction</code></td>
+<td>string</td>
+<td></td>
+<td><ul>
+<li>none</li>
+<li>verify-origin</li>
+</ul></td>
+</tr>
+<tr class="even">
+<td><code>method</code></td>
+<td>string</td>
+<td></td>
+<td><ul>
+<li>GET</li>
+<li>POST</li>
+<li>any</li>
+</ul></td>
+</tr>
+<tr class="odd">
+<td><code>url</code></td>
+<td>string</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>wildcardOrder</code></td>
+<td>integer</td>
+<td></td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h2 id="policy/data-guard">data-guard</h2>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>creditCardNumbers</code></td>
+<td>boolean</td>
+<td>If <em>true</em> the system considers credit card numbers as sensitive data.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>customPatterns</code></td>
+<td>boolean</td>
+<td>If <em>true</em> the system recognizes customized patterns as sensitive data.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>customPatternsList</code></td>
+<td>array of strings</td>
+<td>List of PCRE regular expressions that specify the sensitive data patterns.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>enabled</code></td>
+<td>boolean</td>
+<td>If <em>true</em> the system protects sensitive data.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><p><code>enforcementMode</code></p></td>
+<td><p>string</p></td>
+<td><p>Specifies the URLs for which the system enforces data guard protection.</p>
+<blockquote>
+<ul>
+<li><strong>ignore-urls-in-list</strong>: Specifies that the system enforces data guard protection for all URLs except for those URLs in the Enforcement Mode list.</li>
+<li><strong>enforce-urls-in-list</strong>: Specifies that the system enforces data guard protection only for those URLs in the Enforcement Mode list</li>
+</ul>
+</blockquote></td>
+<td><ul>
+<li>enforce-urls-in-list</li>
+<li>ignore-urls-in-list</li>
+</ul></td>
+</tr>
+<tr class="even">
+<td><code>enforcementUrls</code></td>
+<td>array of strings</td>
+<td>List of URLS to be enforced based on enforcement mode of data guard protection.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>firstCustomCharactersToExpose</code></td>
+<td>integer minimum: 0 maximum: 255</td>
+<td>Specifies the number of first alphanumeric characters in Custom patterns that are exposed.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>lastCustomCharactersToExpose</code></td>
+<td>integer minimum: 0 maximum: 255</td>
+<td>Specifies the number of last alphanumeric characters in Custom patterns that are exposed.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>maskData</code></td>
+<td>boolean</td>
+<td>If <em>true</em> the system intercepts the returned responses to mask sensitive data.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>usSocialSecurityNumbers</code></td>
+<td>boolean</td>
+<td>If <em>true</em> the system considers U.S Social Security numbers as sensitive data.</td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h2 id="policy/disallowed-geolocations">disallowed-geolocations</h2>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>countryCode</code></td>
+<td>string</td>
+<td>Specifies the ISO country code of the selected country.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>countryName</code></td>
+<td>string</td>
+<td>Specifies the name of the country.</td>
+<td><ul>
+<li>Afghanistan</li>
+<li>Aland Islands</li>
+<li>Albania</li>
+<li>Algeria</li>
+<li>American Samoa</li>
+<li>Andorra</li>
+<li>Angola</li>
+<li>Anguilla</li>
+<li>Anonymous Proxy</li>
+<li>Antarctica</li>
+<li>Antigua and Barbuda</li>
+<li>Argentina</li>
+<li>Armenia</li>
+<li>Aruba</li>
+<li>Australia</li>
+<li>Austria</li>
+<li>Azerbaijan</li>
+<li>Bahamas</li>
+<li>Bahrain</li>
+<li>Bangladesh</li>
+<li>Barbados</li>
+<li>Belarus</li>
+<li>Belgium</li>
+<li>Belize</li>
+<li>Benin</li>
+<li>Bermuda</li>
+<li>Bhutan</li>
+<li>Bolivia</li>
+<li>Bosnia and Herzegovina</li>
+<li>Botswana</li>
+<li>Bouvet Island</li>
+<li>Brazil</li>
+<li>British Indian Ocean Territory</li>
+<li>Brunei Darussalam</li>
+<li>Bulgaria</li>
+<li>Burkina Faso</li>
+<li>Burundi</li>
+<li>Cambodia</li>
+<li>Cameroon</li>
+<li>Canada</li>
+<li>Cape Verde</li>
+<li>Cayman Islands</li>
+<li>Central African Republic</li>
+<li>Chad</li>
+<li>Chile</li>
+<li>China</li>
+<li>Christmas Island</li>
+<li>Cocos (Keeling) Islands</li>
+<li>Colombia</li>
+<li>Comoros</li>
+<li>Congo</li>
+<li>Congo, The Democratic Republic of the</li>
+<li>Cook Islands</li>
+<li>Costa Rica</li>
+<li>Cote D'Ivoire</li>
+<li>Croatia</li>
+<li>Cuba</li>
+<li>Cyprus</li>
+<li>Czech Republic</li>
+<li>Denmark</li>
+<li>Djibouti</li>
+<li>Dominica</li>
+<li>Dominican Republic</li>
+<li>Ecuador</li>
+<li>Egypt</li>
+<li>El Salvador</li>
+<li>Equatorial Guinea</li>
+<li>Eritrea</li>
+<li>Estonia</li>
+<li>Ethiopia</li>
+<li>Falkland Islands (Malvinas)</li>
+<li>Faroe Islands</li>
+<li>Fiji</li>
+<li>Finland</li>
+<li>France</li>
+<li>France, Metropolitan</li>
+<li>French Guiana</li>
+<li>French Polynesia</li>
+<li>French Southern Territories</li>
+<li>Gabon</li>
+<li>Gambia</li>
+<li>Georgia</li>
+<li>Germany</li>
+<li>Ghana</li>
+<li>Gibraltar</li>
+<li>Greece</li>
+<li>Greenland</li>
+<li>Grenada</li>
+<li>Guadeloupe</li>
+<li>Guam</li>
+<li>Guatemala</li>
+<li>Guernsey</li>
+<li>Guinea</li>
+<li>Guinea-Bissau</li>
+<li>Guyana</li>
+<li>Haiti</li>
+<li>Heard Island and McDonald Islands</li>
+<li>Holy See (Vatican City State)</li>
+<li>Honduras</li>
+<li>Hong Kong</li>
+<li>Hungary</li>
+<li>Iceland</li>
+<li>India</li>
+<li>Indonesia</li>
+<li>Iran, Islamic Republic of</li>
+<li>Iraq</li>
+<li>Ireland</li>
+<li>Isle of Man</li>
+<li>Israel</li>
+<li>Italy</li>
+<li>Jamaica</li>
+<li>Japan</li>
+<li>Jersey</li>
+<li>Jordan</li>
+<li>Kazakhstan</li>
+<li>Kenya</li>
+<li>Kiribati</li>
+<li>Korea, Democratic People's Republic of</li>
+<li>Korea, Republic of</li>
+<li>Kuwait</li>
+<li>Kyrgyzstan</li>
+<li>Lao People's Democratic Republic</li>
+<li>Latvia</li>
+<li>Lebanon</li>
+<li>Lesotho</li>
+<li>Liberia</li>
+<li>Libyan Arab Jamahiriya</li>
+<li>Liechtenstein</li>
+<li>Lithuania</li>
+<li>Luxembourg</li>
+<li>Macau</li>
+<li>Macedonia</li>
+<li>Madagascar</li>
+<li>Malawi</li>
+<li>Malaysia</li>
+<li>Maldives</li>
+<li>Mali</li>
+<li>Malta</li>
+<li>Marshall Islands</li>
+<li>Martinique</li>
+<li>Mauritania</li>
+<li>Mauritius</li>
+<li>Mayotte</li>
+<li>Mexico</li>
+<li>Micronesia, Federated States of</li>
+<li>Moldova, Republic of</li>
+<li>Monaco</li>
+<li>Mongolia</li>
+<li>Montenegro</li>
+<li>Montserrat</li>
+<li>Morocco</li>
+<li>Mozambique</li>
+<li>Myanmar</li>
+<li>N/A</li>
+<li>Namibia</li>
+<li>Nauru</li>
+<li>Nepal</li>
+<li>Netherlands</li>
+<li>Netherlands Antilles</li>
+<li>New Caledonia</li>
+<li>New Zealand</li>
+<li>Nicaragua</li>
+<li>Niger</li>
+<li>Nigeria</li>
+<li>Niue</li>
+<li>Norfolk Island</li>
+<li>Northern Mariana Islands</li>
+<li>Norway</li>
+<li>Oman</li>
+<li>Other</li>
+<li>Pakistan</li>
+<li>Palau</li>
+<li>Palestinian Territory</li>
+<li>Panama</li>
+<li>Papua New Guinea</li>
+<li>Paraguay</li>
+<li>Peru</li>
+<li>Philippines</li>
+<li>Pitcairn Islands</li>
+<li>Poland</li>
+<li>Portugal</li>
+<li>Puerto Rico</li>
+<li>Qatar</li>
+<li>Reunion</li>
+<li>Romania</li>
+<li>Russian Federation</li>
+<li>Rwanda</li>
+<li>Saint Barthelemy</li>
+<li>Saint Helena</li>
+<li>Saint Kitts and Nevis</li>
+<li>Saint Lucia</li>
+<li>Saint Martin</li>
+<li>Saint Pierre and Miquelon</li>
+<li>Saint Vincent and the Grenadines</li>
+<li>Samoa</li>
+<li>San Marino</li>
+<li>Sao Tome and Principe</li>
+<li>Satellite Provider</li>
+<li>Saudi Arabia</li>
+<li>Senegal</li>
+<li>Serbia</li>
+<li>Seychelles</li>
+<li>Sierra Leone</li>
+<li>Singapore</li>
+<li>Slovakia</li>
+<li>Slovenia</li>
+<li>Solomon Islands</li>
+<li>Somalia</li>
+<li>South Africa</li>
+<li>South Georgia and the South Sandwich Islands</li>
+<li>Spain</li>
+<li>Sri Lanka</li>
+<li>Sudan</li>
+<li>Suriname</li>
+<li>Svalbard and Jan Mayen</li>
+<li>Swaziland</li>
+<li>Sweden</li>
+<li>Switzerland</li>
+<li>Syrian Arab Republic</li>
+<li>Taiwan</li>
+<li>Tajikistan</li>
+<li>Tanzania, United Republic of</li>
+<li>Thailand</li>
+<li>Timor-Leste</li>
+<li>Togo</li>
+<li>Tokelau</li>
+<li>Tonga</li>
+<li>Trinidad and Tobago</li>
+<li>Tunisia</li>
+<li>Turkey</li>
+<li>Turkmenistan</li>
+<li>Turks and Caicos Islands</li>
+<li>Tuvalu</li>
+<li>Uganda</li>
+<li>Ukraine</li>
+<li>United Arab Emirates</li>
+<li>United Kingdom</li>
+<li>United States</li>
+<li>United States Minor Outlying Islands</li>
+<li>Uruguay</li>
+<li>Uzbekistan</li>
+<li>Vanuatu</li>
+<li>Venezuela</li>
+<li>Vietnam</li>
+<li>Virgin Islands, British</li>
+<li>Virgin Islands, U.S.</li>
+<li>Wallis and Futuna</li>
+<li>Western Sahara</li>
+<li>Yemen</li>
+<li>Zambia</li>
+<li>Zimbabwe</li>
+</ul></td>
+</tr>
+</tbody>
+</table>
+<h2 id="policy/enforcer-settings">enforcer-settings</h2>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><a href="#policy/enforcer-settings/enforcerStateCookies">enforcerStateCookies</a></td>
+<td>object</td>
+<td>This section defines the properties of the enforcer state cookies.</td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h3 id="policy/enforcer-settings/enforcerStateCookies">enforcerStateCookies</h3>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>httpOnlyAttribute</code></td>
+<td>boolean</td>
+<td>Specifies, when true, that the system adds the state cookie HttpOnly attribute.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><p><code>sameSiteAttribute</code></p></td>
+<td><p>string</p></td>
+<td><p>The value for the state cookie SameSite attribute:</p>
+<blockquote>
+<ul>
+<li><strong>none</strong>: The SameSite attribute is never added to the state cookie.</li>
+<li><strong>strict</strong>: Cookie will only be sent in a first-party context. In user terms, the cookie will only be sent if the site for the cookie matches the site currently shown in the browser's URL bar.</li>
+<li><strong>lax</strong>: Cookies will be sent with top level navigation</li>
+<li><strong>none-value</strong>: Cookies will be sent in a third-party context.</li>
+</ul>
+</blockquote></td>
+<td><ul>
+<li>lax</li>
+<li>none</li>
+<li>none-value</li>
+<li>strict</li>
+</ul></td>
+</tr>
+<tr class="odd">
+<td><p><code>secureAttribute</code></p></td>
+<td><p>string</p></td>
+<td><p>The value for the state cookie Secure attribute:</p>
+<blockquote>
+<ul>
+<li><strong>always</strong>: Always add the Secure attribute to the state cookie.</li>
+<li><strong>never</strong>: The Secure attribute is never added to the state cookie.</li>
+</ul>
+</blockquote></td>
+<td><ul>
+<li>always</li>
+<li>never</li>
+</ul></td>
+</tr>
+</tbody>
+</table>
+<h2 id="policy/filetypes">filetypes</h2>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>allowed</code></td>
+<td>boolean</td>
+<td>Determines whether the file type is allowed or disallowed. In either of these cases the VIOL_FILETYPE violation is issued (if enabled) for an incoming request-
+<ol type="1">
+<li>No allowed file type matched the file type of the request.</li>
+<li>The file type of the request matched a disallowed file type.</li>
+</ol></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>checkPostDataLength</code></td>
+<td>boolean</td>
+<td>Determines whether to enforce maximum length restriction for the body, a.k.a. "POST data" part of the requests that match the respective file type. The maximum length is determined by <em>postDataLength</em> attribute. Although named "POST data", this applies to any content type and not restricted to POST requests, e.g. PUT requests are also checked. This attribute is relevant only to <em>allowed</em> file types.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>checkQueryStringLength</code></td>
+<td>boolean</td>
+<td>Determines whether to enforce maximum length restriction for the query string of the requests that match the respective file type. The maximum length is determined by <em>queryStringLength</em> attribute. This attribute is relevant only to <em>allowed</em> file types.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>checkRequestLength</code></td>
+<td>boolean</td>
+<td>Determines whether to enforce maximum length restriction for the total length of requests that match the respective file type. The maximum length is determined by <em>requestLength</em> attribute. This attribute is relevant only to <em>allowed</em> file types.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>checkUrlLength</code></td>
+<td>boolean</td>
+<td>Determines whether to enforce maximum length restriction for the URL of the requests that match the respective file type. The URL does <em>not</em> include the query string, past the &amp;. The maximum length is determined by <em>urlLength</em> attribute. This attribute is relevant only to <em>allowed</em> file types.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><p><code>name</code></p></td>
+<td><p>string</p></td>
+<td><p>Specifies the file type name as appearing in the URL extension. Names can be one of the following according to the <em>type</em> attribute:</p>
+<blockquote>
+<ul>
+<li><strong>Explicit</strong> - Specifies that the name is the literal file extension to which the file type refers. The <em>type</em> attribute has to be "explicit".</li>
+<li><strong>No Extension</strong> - Specifies the empty file type, lacking file extension. For this the reserved string <strong>no_ext</strong> should be used. The <em>type</em> attribute has to be "explicit".</li>
+<li><strong>Wildcard</strong> - Specifies that any file extension that matches the wildcard expression is matched to this file type in the policy. The <em>type</em> attribute has to be "wildcard".</li>
+</ul>
+</blockquote>
+<p>The syntax for wildcard entities is based on shell-style wildcard characters. The list below describes the wildcard characters that you can use so that the entity name can match multiple objects.</p>
+<blockquote>
+<ul>
+<li><strong>*</strong>: Matches all characters</li>
+<li><strong>?</strong>: Matches any single character</li>
+<li><strong>[abcde]</strong>: Matches exactly one of the characters listed</li>
+<li><strong>[!abcde]</strong>: Matches any character not listed</li>
+<li><strong>[a-e]</strong>: Matches exactly one character in the range</li>
+<li><strong>[!a-e]</strong>: Matches any character not in the range</li>
+</ul>
+</blockquote>
+<p><strong>Note</strong>: Wildcards do not match regular expressions. Do not use a regular expression as a wildcard.</p></td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>postDataLength</code></td>
+<td>integer minimum: 0</td>
+<td>The maximum length in bytes of the body (POST data) of the request matching the file type. Enforced only if checkPostDataLength is set to <em>true</em>. If the value is exceeded then VIOL_POST_DATA_LENGTH violation is issued. This attribute is relevant only to <em>allowed</em> file types.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>queryStringLength</code></td>
+<td>integer minimum: 0</td>
+<td>The maximum length in bytes of the query string of the request matching the file type. Enforced only if checkQueryStringLength is set to <em>true</em>. If the value is exceeded then VIOL_QUERY_STRING_LENGTH violation is issued. This attribute is relevant only to <em>allowed</em> file types.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>requestLength</code></td>
+<td>integer minimum: 0</td>
+<td>The maximum total length in bytes of the request matching the file type. Enforced only if checkRequestLength is set to <em>true</em>. If the value is exceeded then VIOL_REQUEST_LENGTH violation is issued. This attribute is relevant only to <em>allowed</em> file types.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>responseCheck</code></td>
+<td>boolean</td>
+<td>Determines whether the responses to requests that match the respective file types are inspected for attack signature detection. This attribute is relevant only to <em>allowed</em> file types.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>responseCheckLength</code></td>
+<td>integer minimum: 0 maximum: 10000000000</td>
+<td>Determines how much of the response body will be checked for signatures. When value is set to 0, only the header will be checked. This attribute is relevant only to <em>allowed</em> file types.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>type</code></td>
+<td>string</td>
+<td>Determines the type of the <strong>name</strong> attribute. Only when setting the type to wildcard will the special wildcard characters in the name be interpreted as such.</td>
+<td><ul>
+<li>explicit</li>
+<li>wildcard</li>
+</ul></td>
+</tr>
+<tr class="odd">
+<td><code>urlLength</code></td>
+<td>integer minimum: 0</td>
+<td>The maximum length in bytes of the URL of the request matching the file type, excluding the query string. Enforced only if checkUrlLength is set to <em>true</em>. If the value is exceeded then VIOL_URL_LENGTH violation is issued. This attribute is relevant only to <em>allowed</em> file types.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>wildcardOrder</code></td>
+<td>integer</td>
+<td></td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h2 id="policy/general">general</h2>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>allowedResponseCodes</code></td>
+<td>array of integers</td>
+<td>You can specify which responses a security policy permits. By default, the system accepts all response codes from 100 to 399 as valid responses. Response codes from 400 to 599 are considered invalid unless added to the Allowed Response Status Codes list. By default, 400, 401, 404, 407, 417, and 503 are on the list as allowed HTTP response status codes.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>customXffHeaders</code></td>
+<td>array of strings</td>
+<td>If you require the system to trust a server further than one hop toward the client (the last proxy traversed), you can use the Custom XFF Headers setting to define a specific header that is inserted closer to, or at the client, that the system will trust. Additionally, if you require the system to trust a proxy server that uses a different header name than the X-Forwarded-For header name, you can add the desired header name to the Custom XFF Headers setting. When adding a custom header, the X-Forwarded-For header is not trusted anymore. In case the X-Forwarded-For header is to be trusted along with other headers, you must add it to the custom headers list.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><p><code>maskCreditCardNumbersInRequest</code></p></td>
+<td><p>boolean</p></td>
+<td><p>When enabled, the security policy masks credit card numbers that appear in any part of requests. The system does not mask the information in the actual requests, but rather in various logs:</p>
+<ul>
+<li>Credit card numbers appearing in entity names are masked in the requests of the Requests log.</li>
+</ul>
+<p>* Credit card numbers appearing in entity values are masked wherever requests can be viewed: the Requests log, and violation details within that log. This setting is enabled by default, and exists in addition to masking parameters defined as containing sensitive information.</p></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><p><code>trustXff</code></p></td>
+<td><p>boolean</p></td>
+<td><p>When enabled, the system has confidence in an XFF (X-Forwarded-For) header in the request. When disabled, that the system does not have confidence in an XFF header in the request. The default setting is disabled.</p>
+<p>Select this option if the system is deployed behind an internal or other trusted proxy. Then, the system uses the IP address that initiated the connection to the proxy instead of the internal proxy's IP address.</p>
+<p>Leave this option disabled if you think the HTTP header may be spoofed, or crafted, by a malicious client. With this setting disabled, if the system is deployed behind an internal proxy, the system uses the internal proxy's IP address instead of the client's IP address.</p></td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h2 id="policy/graphql-profiles">graphql-profiles</h2>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>attackSignaturesCheck</code></td>
+<td>boolean</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><a href="#policy/graphql-profiles/defenseAttributes">defenseAttributes</a></td>
+<td>object</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>description</code></td>
+<td>string</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>hasIdlFiles</code></td>
+<td>boolean</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><a href="#policy/graphql-profiles/idlFiles">idlFiles</a></td>
+<td>array of objects</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>metacharElementCheck</code></td>
+<td>boolean</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><a href="#policy/graphql-profiles/metacharOverrides">metacharOverrides</a></td>
+<td>array of objects</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>name</code></td>
+<td>string</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><a href="#policy/graphql-profiles/responseEnforcement">responseEnforcement</a></td>
+<td>object</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><a href="#policy/graphql-profiles/sensitiveData">sensitiveData</a></td>
+<td>array of objects</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><a href="#policy/graphql-profiles/signatureOverrides">signatureOverrides</a></td>
+<td>array of objects</td>
+<td></td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h3 id="policy/graphql-profiles/defenseAttributes">defenseAttributes</h3>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>allowIntrospectionQueries</code></td>
+<td>boolean</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>maximumBatchedQueries</code></td>
+<td><ul>
+<li>integer minimum: 0 maximum: 2147483647</li>
+<li>string</li>
+</ul></td>
+<td></td>
+<td><ul>
+<li>Integer values</li>
+<li>"any"</li>
+</ul></td>
+</tr>
+<tr class="odd">
+<td><code>maximumQueryCost</code></td>
+<td><ul>
+<li>integer minimum: 0 maximum: 2147483647</li>
+<li>string</li>
+</ul></td>
+<td></td>
+<td><ul>
+<li>Integer values</li>
+<li>"any"</li>
+</ul></td>
+</tr>
+<tr class="even">
+<td><code>maximumStructureDepth</code></td>
+<td><ul>
+<li>integer minimum: 0 maximum: 2147483647</li>
+<li>string</li>
+</ul></td>
+<td></td>
+<td><ul>
+<li>Integer values</li>
+<li>"any"</li>
+</ul></td>
+</tr>
+<tr class="odd">
+<td><code>maximumTotalLength</code></td>
+<td><ul>
+<li>integer minimum: 0 maximum: 2147483647</li>
+<li>string</li>
+</ul></td>
+<td></td>
+<td><ul>
+<li>Integer values</li>
+<li>"any"</li>
+</ul></td>
+</tr>
+<tr class="even">
+<td><code>maximumValueLength</code></td>
+<td><ul>
+<li>integer minimum: 0 maximum: 2147483647</li>
+<li>string</li>
+</ul></td>
+<td></td>
+<td><ul>
+<li>Integer values</li>
+<li>"any"</li>
+</ul></td>
+</tr>
+<tr class="odd">
+<td><code>tolerateParsingWarnings</code></td>
+<td>boolean</td>
+<td></td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h3 id="policy/graphql-profiles/idlFiles">idlFiles</h3>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><a href="#policy/graphql-profiles/idlFiles/idlFile">idlFile</a></td>
+<td>object</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>isPrimary</code></td>
+<td>boolean</td>
+<td></td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h4 id="policy/graphql-profiles/idlFiles/idlFile">idlFile</h4>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+</tbody>
+</table>
+<h3 id="policy/graphql-profiles/metacharOverrides">metacharOverrides</h3>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>isAllowed</code></td>
+<td>boolean</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>metachar</code></td>
+<td>string</td>
+<td></td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h3 id="policy/graphql-profiles/responseEnforcement">responseEnforcement</h3>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>blockDisallowedPatterns</code></td>
+<td>boolean</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>disallowedPatterns</code></td>
+<td>array of strings</td>
+<td></td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h3 id="policy/graphql-profiles/sensitiveData">sensitiveData</h3>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>parameterName</code></td>
+<td>string</td>
+<td></td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h3 id="policy/graphql-profiles/signatureOverrides">signatureOverrides</h3>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>enabled</code></td>
+<td>boolean</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>name</code></td>
+<td>string</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>signatureId</code></td>
+<td>integer</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>tag</code></td>
+<td>string</td>
+<td></td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h2 id="policy/grpc-profiles">grpc-profiles</h2>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>associateUrls</code></td>
+<td>boolean</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>attackSignaturesCheck</code></td>
+<td>boolean</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>decodeStringValuesAsBase64</code></td>
+<td>string</td>
+<td></td>
+<td><ul>
+<li>disabled</li>
+<li>enabled</li>
+</ul></td>
+</tr>
+<tr class="even">
+<td><a href="#policy/grpc-profiles/defenseAttributes">defenseAttributes</a></td>
+<td>object</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>description</code></td>
+<td>string</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>hasIdlFiles</code></td>
+<td>boolean</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><a href="#policy/grpc-profiles/idlFiles">idlFiles</a></td>
+<td>array of objects</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>metacharElementCheck</code></td>
+<td>boolean</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>name</code></td>
+<td>string</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><a href="#policy/grpc-profiles/signatureOverrides">signatureOverrides</a></td>
+<td>array of objects</td>
+<td></td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h3 id="policy/grpc-profiles/defenseAttributes">defenseAttributes</h3>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>allowUnknownFields</code></td>
+<td>boolean</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>maximumDataLength</code></td>
+<td><ul>
+<li>integer minimum: 0 maximum: 2147483647</li>
+<li>string</li>
+</ul></td>
+<td></td>
+<td><ul>
+<li>Integer values</li>
+<li>"any"</li>
+</ul></td>
+</tr>
+</tbody>
+</table>
+<h3 id="policy/grpc-profiles/idlFiles">idlFiles</h3>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><a href="#policy/grpc-profiles/idlFiles/idlFile">idlFile</a></td>
+<td>object</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>importUrl</code></td>
+<td>string</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>isPrimary</code></td>
+<td>boolean</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>primaryIdlFileName</code></td>
+<td>string</td>
+<td></td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h4 id="policy/grpc-profiles/idlFiles/idlFile">idlFile</h4>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+</tbody>
+</table>
+<h3 id="policy/grpc-profiles/signatureOverrides">signatureOverrides</h3>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>enabled</code></td>
+<td>boolean</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>name</code></td>
+<td>string</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>signatureId</code></td>
+<td>integer</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>tag</code></td>
+<td>string</td>
+<td></td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h2 id="policy/header-settings">header-settings</h2>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>maximumHttpHeaderLength</code></td>
+<td><ul>
+<li>integer minimum: 1 maximum: 65536</li>
+<li>string</li>
+</ul></td>
+<td>Maximum HTTP Header Length must be greater than 0 and less than 65536 bytes (64K). Note: if 0 or <em>any</em> are set, then no restriction on the HTTP header length is applied.</td>
+<td><ul>
+<li>Integer values</li>
+<li>"any"</li>
+</ul></td>
+</tr>
+</tbody>
+</table>
+<h2 id="policy/headers">headers</h2>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>allowEmptyValue</code></td>
+<td>boolean</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>allowRepeatedOccurrences</code></td>
+<td>boolean</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>autoDetectBinaryValue</code></td>
+<td>boolean</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>checkSignatures</code></td>
+<td>boolean</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><p><code>decodeValueAsBase64</code></p></td>
+<td><p>string</p></td>
+<td><p>Specifies whether the the system should detect or require values to be Base64 encoded:</p>
+<blockquote>
+<ul>
+<li><strong>disabled</strong>: the value will not be decoded as Base64 content.</li>
+<li><strong>enabled</strong>: the value will be checked whether it can be decoded as Base64 and, if so, security checks will be performed on the decoded value.</li>
+<li><strong>required</strong>: the value must be decoded as Base64, and security checks will be performed on the decoded value.</li>
+</ul>
+</blockquote></td>
+<td><ul>
+<li>disabled</li>
+<li>enabled</li>
+<li>required</li>
+</ul></td>
+</tr>
+<tr class="even">
+<td><code>htmlNormalization</code></td>
+<td>boolean</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>mandatory</code></td>
+<td>boolean</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>maskValueInLogs</code></td>
+<td>boolean</td>
+<td>Specifies, when true, that the headers's value will be masked in the request log.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><p><code>name</code></p></td>
+<td><p>string</p></td>
+<td><p>Specifies the HTTP header name. The header name length is limited to 254 characters.</p>
+<p>Names can be one of the following according to the <em>type</em> attribute:</p>
+<blockquote>
+<ul>
+<li><strong>explicit</strong>: Specifies that the header has a specific name and is not a wildcard entity. The name of the header exactly as you expect it to appear in the request.</li>
+<li><strong>wildcard</strong>: Specifies that any header that matches the listed wildcard expression should be treated according to the wildcard attributes.</li>
+</ul>
+</blockquote>
+<p>The syntax for wildcard entities is based on shell-style wildcard characters. The list below describes the wildcard characters that you can use so that the entity name can match multiple objects.</p>
+<blockquote>
+<ul>
+<li><strong>*</strong>: Matches all characters</li>
+<li><strong>?</strong>: Matches any single character</li>
+<li><strong>[abcde]</strong>: Matches exactly one of the characters listed</li>
+<li><strong>[!abcde]</strong>: Matches any character not listed</li>
+<li><strong>[a-e]</strong>: Matches exactly one character in the range</li>
+<li><strong>[!a-e]</strong>: Matches any character not in the range</li>
+</ul>
+</blockquote>
+<p><strong>Note</strong>: Wildcards do not match regular expressions. Do not use a regular expression as a wildcard.</p></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>normalizationViolations</code></td>
+<td>boolean</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>percentDecoding</code></td>
+<td>boolean</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><a href="#policy/headers/signatureOverrides">signatureOverrides</a></td>
+<td>array of objects</td>
+<td>Array of signature overrides. Specifies attack signatures whose security policy settings are overridden for this header, and which action the security policy takes when it discovers a request for this header that matches these attack signatures.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>type</code></td>
+<td>string</td>
+<td>Determines the type of the <strong>name</strong> attribute. Only when setting the type to wildcard will the special wildcard characters in the name be interpreted as such.</td>
+<td><ul>
+<li>explicit</li>
+<li>wildcard</li>
+</ul></td>
+</tr>
+<tr class="even">
+<td><code>urlNormalization</code></td>
+<td>boolean</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>wildcardOrder</code></td>
+<td>integer</td>
+<td>Specifies the order index for wildcard header matching. Wildcard headers with lower wildcard order will get checked for a match prior to headers with higher wildcard order.</td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h3 id="policy/headers/signatureOverrides">signatureOverrides</h3>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>enabled</code></td>
+<td>boolean</td>
+<td>Specifies, when true, that the overridden signature is enforced</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>name</code></td>
+<td>string</td>
+<td>The signature name which, along with the signature tag, identifies the signature.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>signatureId</code></td>
+<td>integer</td>
+<td>The signature ID which identifies the signature.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>tag</code></td>
+<td>string</td>
+<td>The signature tag which, along with the signature name, identifies the signature.</td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h2 id="policy/host-names">host-names</h2>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>includeSubdomains</code></td>
+<td>boolean</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>name</code></td>
+<td>string</td>
+<td></td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h2 id="policy/idl-files">idl-files</h2>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>contents</code></td>
+<td>string</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>fileName</code></td>
+<td>string</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>isBase64</code></td>
+<td>boolean</td>
+<td></td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h2 id="policy/ip-address-lists">ip-address-lists</h2>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><p><code>blockRequests</code></p></td>
+<td><p>string</p></td>
+<td><dl>
+<dt>Specifies how the system responds to blocking requests sent from this IP address list.</dt>
+<dd><ul>
+<li><strong>Policy Default:</strong> Specifies that the policy enforcementMode will be used for requests from this IP address list.</li>
+<li><strong>Never Block:</strong> Specifies that the system does not block requests sent from this IP address list, even if your security policy is configured to block all traffic.</li>
+<li><strong>Always Block:</strong> Specifies that the system blocks requests sent from this IP address list.</li>
+</ul>
+</dd>
+</dl>
+<p>Optional, if absent Policy Default is used.</p></td>
+<td><ul>
+<li>always</li>
+<li>never</li>
+<li>policy-default</li>
+</ul></td>
+</tr>
+<tr class="even">
+<td><code>description</code></td>
+<td>string</td>
+<td>Specifies a brief description of the IP address list. Optional</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><a href="#policy/ip-address-lists/ipAddresses">ipAddresses</a></td>
+<td>array of objects</td>
+<td>Specifies the IP addresses. Use CIDR notation for subnet definition.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>matchOrder</code></td>
+<td>integer</td>
+<td>Specifies the order matching index between different IP Address Lists. If unspecified, the order is implicitly as the lists appear in the policy. IP Address Lists with a lower matchOrder will be checked for a match prior to items with higher matchOrder.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>name</code></td>
+<td>string</td>
+<td>Specifies the name of ip address list.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>neverLogRequests</code></td>
+<td>boolean</td>
+<td>Specifies when enabled that the system does not log requests or responses sent from this IP address list, even if the traffic is illegal, and even if your security policy is configured to log all traffic. Optional, if absent default value is false.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>setGeolocation</code></td>
+<td>string</td>
+<td>Specifies a geolocation to be associated for this IP address list. This will force the IP addresses in the list to be considered as though they are in that geolocation. This applies to blocking via "disallowed-geolocations" and to logging. Optional</td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h3 id="policy/ip-address-lists/ipAddresses">ipAddresses</h3>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>ipAddress</code></td>
+<td>string</td>
+<td>Specifies the IP address. Use CIDR notation for subnet definition.</td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h2 id="policy/ip-intelligence">ip-intelligence</h2>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>enabled</code></td>
+<td>boolean</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><a href="#policy/ip-intelligence/ipIntelligenceCategories">ipIntelligenceCategories</a></td>
+<td>array of objects</td>
+<td></td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h3 id="policy/ip-intelligence/ipIntelligenceCategories">ipIntelligenceCategories</h3>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>alarm</code></td>
+<td>boolean</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>block</code></td>
+<td>boolean</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>category</code></td>
+<td>string</td>
+<td></td>
+<td><ul>
+<li>Anonymous Proxy</li>
+<li>BotNets</li>
+<li>Cloud-based Services</li>
+<li>Denial of Service</li>
+<li>Infected Sources</li>
+<li>Mobile Threats</li>
+<li>Phishing Proxies</li>
+<li>Scanners</li>
+<li>Spam Sources</li>
+<li>Tor Proxies</li>
+<li>Web Attacks</li>
+<li>Windows Exploits</li>
+</ul></td>
+</tr>
+</tbody>
+</table>
+<h2 id="policy/json-profiles">json-profiles</h2>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>attackSignaturesCheck</code></td>
+<td>boolean</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><a href="#policy/json-profiles/defenseAttributes">defenseAttributes</a></td>
+<td>object</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>description</code></td>
+<td>string</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>handleJsonValuesAsParameters</code></td>
+<td>boolean</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>hasValidationFiles</code></td>
+<td>boolean</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>metacharElementCheck</code></td>
+<td>boolean</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><a href="#policy/json-profiles/metacharOverrides">metacharOverrides</a></td>
+<td>array of objects</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>name</code></td>
+<td>string</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><a href="#policy/json-profiles/signatureOverrides">signatureOverrides</a></td>
+<td>array of objects</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><a href="#policy/json-profiles/validationFiles">validationFiles</a></td>
+<td>array of objects</td>
+<td></td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h3 id="policy/json-profiles/defenseAttributes">defenseAttributes</h3>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>maximumArrayLength</code></td>
+<td><ul>
+<li>integer minimum: 0 maximum: 2147483647</li>
+<li>string</li>
+</ul></td>
+<td></td>
+<td><ul>
+<li>Integer values</li>
+<li>"any"</li>
+</ul></td>
+</tr>
+<tr class="even">
+<td><code>maximumStructureDepth</code></td>
+<td><ul>
+<li>integer minimum: 0 maximum: 2147483647</li>
+<li>string</li>
+</ul></td>
+<td></td>
+<td><ul>
+<li>Integer values</li>
+<li>"any"</li>
+</ul></td>
+</tr>
+<tr class="odd">
+<td><code>maximumTotalLengthOfJSONData</code></td>
+<td><ul>
+<li>integer minimum: 0 maximum: 2147483647</li>
+<li>string</li>
+</ul></td>
+<td></td>
+<td><ul>
+<li>Integer values</li>
+<li>"any"</li>
+</ul></td>
+</tr>
+<tr class="even">
+<td><code>maximumValueLength</code></td>
+<td><ul>
+<li>integer minimum: 0 maximum: 2147483647</li>
+<li>string</li>
+</ul></td>
+<td></td>
+<td><ul>
+<li>Integer values</li>
+<li>"any"</li>
+</ul></td>
+</tr>
+<tr class="odd">
+<td><code>tolerateJSONParsingWarnings</code></td>
+<td>boolean</td>
+<td></td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h3 id="policy/json-profiles/metacharOverrides">metacharOverrides</h3>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>isAllowed</code></td>
+<td>boolean</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>metachar</code></td>
+<td>string</td>
+<td></td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h3 id="policy/json-profiles/signatureOverrides">signatureOverrides</h3>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>enabled</code></td>
+<td>boolean</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>name</code></td>
+<td>string</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>signatureId</code></td>
+<td>integer</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>tag</code></td>
+<td>string</td>
+<td></td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h3 id="policy/json-profiles/validationFiles">validationFiles</h3>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>importUrl</code></td>
+<td>string</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>isPrimary</code></td>
+<td>boolean</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><a href="#policy/json-profiles/validationFiles/jsonValidationFile">jsonValidationFile</a></td>
+<td>object</td>
+<td></td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h4 id="policy/json-profiles/validationFiles/jsonValidationFile">jsonValidationFile</h4>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+</tbody>
+</table>
+<h2 id="policy/json-validation-files">json-validation-files</h2>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>contents</code></td>
+<td>string</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>fileName</code></td>
+<td>string</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>isBase64</code></td>
+<td>boolean</td>
+<td></td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h2 id="policy/login-enforcement">login-enforcement</h2>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>authenticatedUrls</code></td>
+<td>array of strings</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>expirationTimePeriod</code></td>
+<td><ul>
+<li>integer minimum: 0 maximum: 99999</li>
+<li>string</li>
+</ul></td>
+<td></td>
+<td><ul>
+<li>Integer values</li>
+<li>"disabled"</li>
+</ul></td>
+</tr>
+<tr class="odd">
+<td><a href="#policy/login-enforcement/logoutUrls">logoutUrls</a></td>
+<td>array of objects</td>
+<td></td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h3 id="policy/login-enforcement/logoutUrls">logoutUrls</h3>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>requestContains</code></td>
+<td>string</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>requestOmits</code></td>
+<td>string</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><a href="#policy/urls">url</a></td>
+<td>object</td>
+<td></td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h2 id="policy/login-pages">login-pages</h2>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><a href="#policy/login-pages/accessValidation">accessValidation</a></td>
+<td>object</td>
+<td>Access Validation define validation criteria for the login page response. If you define more than one validation criteria, the response must meet all the criteria before the system allows the user to access the application login URL.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><p><code>authenticationType</code></p></td>
+<td><p>string</p></td>
+<td><p>Authentication Type is method the web server uses to authenticate the login URL's credentials with a web user.</p>
+<blockquote>
+<ul>
+<li><strong>none</strong>: The web server does not authenticate users trying to access the web application through the login URL. This is the default setting.</li>
+<li><strong>form</strong>: The web application uses a form to collect and authenticate user credentials. If using this option, you also need to type the user name and password parameters written in the code of the HTML form.</li>
+<li><strong>http-basic</strong>: The user name and password are transmitted in Base64 and stored on the server in plain text.</li>
+<li><strong>http-digest</strong>: The web server performs the authentication; user names and passwords are not transmitted over the network, nor are they stored in plain text.</li>
+<li><strong>ntlm</strong>: Microsoft LAN Manager authentication (also called Integrated Windows Authentication) does not transmit credentials in plain text, but requires a continuous TCP connection between the server and client.</li>
+<li><strong>ajax-or-json-request</strong>: The web server uses JSON and AJAX requests to authenticate users trying to access the web application through the login URL. For this option, you also need to type the name of the JSON element containing the user name and password.</li>
+<li><strong>request-body</strong>: The web server uses the request body to authenticate users trying to access the web application through the login URL. This allows brute force login detection using, for example, SAML authentication used on Microsoft Federation Services for SSO which uses SOAP API to login.</li>
+</ul>
+</blockquote></td>
+<td><ul>
+<li>ajax-or-json-request</li>
+<li>form</li>
+<li>http-basic</li>
+<li>http-digest</li>
+<li>none</li>
+<li>ntlm</li>
+<li>request-body</li>
+</ul></td>
+</tr>
+<tr class="odd">
+<td><code>passwordParameterName</code></td>
+<td>string</td>
+<td>A name of parameter which will contain password string.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>passwordRegex</code></td>
+<td>string</td>
+<td>PCRE regular expression for capturing the password. The regular expression must include exactly one capturing group (in rounded parentheses) for the value of the password. For example: "pwd=(w+)". The entered expression is validated and any invalid code is noted and must be corrected. Note: This setting is only relevant if authenticationType is request-body.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><a href="#policy/urls">url</a></td>
+<td>object</td>
+<td>URL string used for login page.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>usernameParameterName</code></td>
+<td>string</td>
+<td>A name of parameter which will contain username string.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>usernameRegex</code></td>
+<td>string</td>
+<td>PCRE regular expression for capturing the username. The regular expression must include exactly one capturing group (in rounded parentheses) for the value of the username. For example: "user_id=(w+)". The entered expression is validated and any invalid code is noted and must be corrected. Note: This setting is only relevant if authenticationType is request-body.</td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h3 id="policy/login-pages/accessValidation">accessValidation</h3>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>cookieContains</code></td>
+<td>string</td>
+<td>A defined domain cookie name that the response to the login URL must match to permit user access to the authenticated URL.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>headerContains</code></td>
+<td>string</td>
+<td>A header name and value that the response to the login URL must match to permit user access to the authenticated URL.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>headerContainsMatchCondition</code></td>
+<td>string</td>
+<td></td>
+<td><ul>
+<li>exact</li>
+<li>regex</li>
+</ul></td>
+</tr>
+<tr class="even">
+<td><code>headerOmits</code></td>
+<td>string</td>
+<td>A header name and value that indicates a failed login attempt and prohibits user access to the authenticated URL.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>headerOmitsMatchCondition</code></td>
+<td>string</td>
+<td></td>
+<td><ul>
+<li>exact</li>
+<li>regex</li>
+</ul></td>
+</tr>
+<tr class="even">
+<td><code>parameterContains</code></td>
+<td>string</td>
+<td>A parameter that must exist in the login URL's HTML body to allow access to the authenticated URL.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>responseContains</code></td>
+<td>string</td>
+<td>A string that must appear in the response for the system to allow the user to access the authenticated URL; for example, "Successful Login".</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>responseHttpStatus</code></td>
+<td>string</td>
+<td>An HTTP response code that the server must return to the user to allow access to the authenticated URL; for example, "200".</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>responseHttpStatusOmits</code></td>
+<td>array of strings</td>
+<td>An HTTP response code that indicates a failed login attempt and prohibits user access to the authenticated URL.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>responseOmits</code></td>
+<td>string</td>
+<td>A string that indicates a failed login attempt and prohibits user access to the authenticated URL; for example, "Authentication failed".</td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h2 id="policy/methods">methods</h2>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>name</code></td>
+<td>string</td>
+<td></td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h2 id="policy/override-rules">override-rules</h2>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><p><code>actionType</code></p></td>
+<td><p>string</p></td>
+<td><p>The action to take when the override rule is matched. Possible values are:</p>
+<blockquote>
+<ul>
+<li><strong>extend-policy</strong>: The override policy inherits the containing policy settings, allowing only the required settings to be overridden.</li>
+<li><strong>replace-policy</strong>: The override policy must be a valid declarative policy that includes a name, template and all necessary settings.</li>
+<li><strong>violation</strong>: The request is blocked and a the VIOL_RULE is logged based on the provided violation settings.</li>
+</ul>
+</blockquote></td>
+<td><ul>
+<li>extend-policy</li>
+<li>replace-policy</li>
+<li>violation</li>
+</ul></td>
+</tr>
+<tr class="even">
+<td><p><code>condition</code></p></td>
+<td><p>string</p></td>
+<td><p>Specifies the condition under which the override rule should be applied.</p>
+<p>Example: "clientIp != '10.0.0.5' and userAgent.lower().contains('WebRobot')"</p>
+<p>Condition Syntax:</p>
+<blockquote>
+<ul>
+<li>The condition consists of one or more clauses separated by <strong>and</strong> or <strong>or</strong>.</li>
+</ul>
+<p>Example: "clientIp == '10.0.0.5' and (host.startsWith('internal') or uri.contains('api'))"</p>
+<ul>
+<li>Each clause can optionally start with <strong>not</strong> - to negate the expression.</li>
+</ul>
+<p>Example: "not clientIp == '127.0.0.1'"</p>
+<ul>
+<li><strong>not</strong> can also be used to negate a parenthesized expression.</li>
+</ul>
+<p>Example: "not (method == 'GET' or method == 'PUT')"</p>
+<ul>
+<li>A clause can be a simple comparison between two value expressions, or a boolean function applied to a literal value.</li>
+</ul>
+</blockquote>
+<p>Supported comparison operators:</p>
+<blockquote>
+<ul>
+<li><strong>==</strong> - Checks for equality between two value expressions.</li>
+<li><strong>!=</strong> - Checks for inequality between two value expressions.</li>
+</ul>
+<p>Example: "clientIp != '10.0.0.5'" (equivalent to "not clientIp == '10.0.0.5'")</p>
+</blockquote>
+<p>Supported boolean functions:</p>
+<blockquote>
+<ul>
+<li><strong>matches</strong>: Performs an exact match of a value expression, equivalent to <strong>==</strong>.</li>
+<li><strong>startsWith</strong>: Checks if a value expression starts with a specific substring.</li>
+<li><strong>contains</strong>: Checks if a value expression contains a specific substring.</li>
+</ul>
+<p>Example: "uri.startsWith('/api')"</p>
+</blockquote>
+<p><strong>Note</strong>: Functions "startsWith" and "contains" are not applicable to the "clientIp" attribute. Regular expressions are not supported.</p>
+<blockquote>
+<ul>
+<li>Value expressions can be a request attribute, literal value, or a value function.</li>
+<li>A literal can be a string value enclosed in single quotes, or can be the keyword "null" without quotes.</li>
+</ul>
+<p>Example: "userAgent == null"</p>
+</blockquote>
+<p>Supported value functions:</p>
+<blockquote>
+<ul>
+<li><strong>lower</strong>: Any boolean function applied on the resulting string will be <strong>case insensitive</strong>. Applicable to ANSI characters only.</li>
+</ul>
+<p>Example: "uri.lower().contains('BaR')" will match the URI "/Foo/bAr"</p>
+</blockquote>
+<p>Request Attributes:</p>
+<blockquote>
+<ul>
+<li><strong>clientIp</strong>: Client IP address in canonical IPv4 or IPv6 format or ip-address-list. Use CIDR notation for subnet definition. Example: <em>192.168.1.2</em> or <em>fd00:1::/48</em>. If <em>trustXff</em> (X-Forwarded-For) is enabled in the containing policy, then the value is taken from the configured header (XFF or other). The only supported boolean function for the clientIP attribute is <em>matches</em>.</li>
+<li><strong>host</strong>: The value of the Host header</li>
+<li><strong>method</strong>: The HTTP method in the request</li>
+<li><strong>uri</strong>: The URI (path part) of the request</li>
+<li><strong>userAgent</strong>: The value of the User-Agent header, or <em>null</em> (without quotes) if not present</li>
+<li><strong>geolocation</strong>: The geolocation of the client IP address. The value is the ISO 3166 two-letter code of the respective country.</li>
+<li><strong>parameters['&lt;name&gt;']</strong>: (map-type) The value of the specified parameter name (limited to query string parameters). Example: "parameters['id'] == '11'"</li>
+<li><strong>cookies['&lt;name&gt;']</strong>: (map-type) The value of the specified cookie name. Example: "cookies['Path'].contains('product')"</li>
+<li><strong>headers['&lt;name&gt;']</strong>: (map-type) The value of the specified header name. Example: "headers['Accept'].startsWith('application')"</li>
+</ul>
+</blockquote>
+<dl>
+<dt><strong>Note</strong>:</dt>
+<dd><ul>
+<li>The "headers['&lt;name&gt;']" attribute does not support 'Cookie' as a header name.</li>
+<li>Attribute "clientIp" supports using "ipAddressLists" in condition: "clientIp.matches(ipAddressLists['&lt;name&gt;'])"</li>
+</ul>
+</dd>
+</dl></td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>name</code></td>
+<td>string</td>
+<td>The unique name of the override rule. Cannot contain spaces or special characters.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>override</code></td>
+<td>string</td>
+<td>The overriding security policy definition.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><a href="#policy/override-rules/violation">violation</a></td>
+<td>object</td>
+<td>Contains the details of the raised VIOL_RULE violation. Mandatory if action-type is violation.</td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h3 id="policy/override-rules/violation">violation</h3>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>alarm</code></td>
+<td>boolean</td>
+<td>Whether the violation should be marked in the security log and cause the request to be classified as "illegal".</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><a href="#policy/override-rules/violation/attackType">attackType</a></td>
+<td>object</td>
+<td>The attack type associated with the violation in the present rule. This is reflected in the security log. Mandatory.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>block</code></td>
+<td>boolean</td>
+<td>Whether the violation should cause the request to be blocked. On other words: the block flag of the VIOL_RULE for the present rule.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>description</code></td>
+<td>string</td>
+<td>Textual description of the violation in the present rule. Limited to 200 characters. Not Mandatory.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>rating</code></td>
+<td>integer minimum: 3 maximum: 5</td>
+<td>The violation rating that the present rule violation will induce. In other words, the violation rating of the request will be the maximum between this value and the calculated value based on the other violations in the request. If not specified and there is no other violation, then the VR is 3.</td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h4 id="policy/override-rules/violation/attackType">attackType</h4>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>name</code></td>
+<td>string</td>
+<td>The name of the attack type. Mandatory.</td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h2 id="policy/parameters">parameters</h2>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>allowEmptyValue</code></td>
+<td>boolean</td>
+<td>Determines whether an empty value is allowed for a parameter.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>allowRepeatedParameterName</code></td>
+<td>boolean</td>
+<td>Determines whether multiple parameter instances with the same name are allowed in one request.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><p><code>arraySerializationFormat</code></p></td>
+<td><p>string</p></td>
+<td><p>Specifies type of serialization for array of primitives parameter. Serialization defines how multiple values are delimited - format that can be transmitted and reconstructed later:</p>
+<blockquote>
+<ul>
+<li><strong>pipe</strong>: pipe-separated values. Array color=["blue","black"] -&gt; color=blue|black.</li>
+<li><strong>form</strong>: ampersand-separated values. Array color=["blue","black"] -&gt; color=blue,black.</li>
+<li><strong>matrix</strong>: semicolon-prefixed values. Array color=["blue","black"] -&gt; ;color=blue,black.</li>
+<li><strong>tsv</strong>: tab-separated values. Array color=["blue","black"] -&gt; color=bluetblack.</li>
+<li><strong>csv</strong>: comma-separated values. Array color=["blue","black"] -&gt; color=blue,black.</li>
+<li><strong>label</strong>: dot-prefixed values. Array color=["blue","black"] -&gt; .blue.black.</li>
+<li><strong>multi</strong>: multiple parameter instances rather than multiple values. Array color=["blue","black"] -&gt; color=blue&amp;color=black.</li>
+<li><strong>ssv</strong>: space-separated values. Array color=["blue","black"] -&gt; color=blue black.</li>
+<li><strong>multipart</strong>: defines array of files.</li>
+</ul>
+</blockquote>
+<p><strong>Notes</strong>:</p>
+<blockquote>
+<ul>
+<li>This attribute is relevant only for parameters with <strong>array</strong> <em>valueType</em>.</li>
+<li><strong>multi</strong> and <strong>form</strong> serializations can be defined for parameter with <em>query</em>, <em>form-data</em> or <em>cookie</em> locations only.</li>
+<li><strong>multipart</strong> serialization can be defined for parameter with <em>form-data</em> location only.</li>
+<li><strong>matrix</strong> and <strong>label</strong> serializations can be defined for parameter with <em>path</em> location only.</li>
+</ul>
+</blockquote></td>
+<td><ul>
+<li>csv</li>
+<li>form</li>
+<li>label</li>
+<li>matrix</li>
+<li>multi</li>
+<li>multipart</li>
+<li>pipe</li>
+<li>ssv</li>
+<li>tsv</li>
+</ul></td>
+</tr>
+<tr class="even">
+<td><code>arrayUniqueItemsCheck</code></td>
+<td>boolean</td>
+<td>Determines whether items in an array parameter must be unique. This attribute is relevant only for parameters with <strong>array</strong> <em>valueType</em>.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>attackSignaturesCheck</code></td>
+<td>boolean</td>
+<td>Determines whether attack signatures and threat campaigns must be detected in a parameter's value. This attribute is relevant only for parameters with <strong>alpha-numeric</strong> or <strong>binary</strong> <em>dataType</em>.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>checkMaxItemsInArray</code></td>
+<td>boolean</td>
+<td>Determines whether an array parameter has a restricted maximum number of items. This attribute is relevant only for parameters with <strong>array</strong> <em>valueType</em>.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>checkMaxValue</code></td>
+<td>boolean</td>
+<td>Determines whether the parameter has a restricted maximum value. This attribute is relevant only for parameters with <strong>integer</strong> or <strong>decimal</strong> <em>dataType</em>.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>checkMaxValueLength</code></td>
+<td>boolean</td>
+<td>Determines whether a parameter has a restricted maximum length for value.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>checkMetachars</code></td>
+<td>boolean</td>
+<td>Determines whether disallowed metacharacters must be detected in a parameter's name. This attribute is relevant only for <strong>wildcard</strong> parameters with <strong>alpha-numeric</strong> <em>dataType</em>.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>checkMinItemsInArray</code></td>
+<td>boolean</td>
+<td>Determines whether an array parameter has a restricted minimum number of items. This attribute is relevant only for parameters with <strong>array</strong> <em>valueType</em>.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>checkMinValue</code></td>
+<td>boolean</td>
+<td>Determines whether a parameter has a restricted minimum value. This attribute is relevant only for parameters with <strong>integer</strong> or <strong>decimal</strong> <em>dataType</em>.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>checkMinValueLength</code></td>
+<td>boolean</td>
+<td>Determines whether a parameter has a restricted minimum length for value.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>checkMultipleOfValue</code></td>
+<td>boolean</td>
+<td>Determines whether a parameter's value is a multiple of a number defined in <em>multipleOf</em>. This attribute is relevant only for parameters with <strong>integer</strong> or <strong>decimal</strong> <em>dataType</em>.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><a href="#policy/parameters/contentProfile">contentProfile</a></td>
+<td>object</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><p><code>dataType</code></p></td>
+<td><p>string</p></td>
+<td><p>Specifies data type of parameter's value:</p>
+<blockquote>
+<ul>
+<li><strong>alpha-numeric</strong>: specifies that the value of parameter can be any text consisting of letters, digits, and the underscore character.</li>
+<li><strong>binary</strong>: specifies there is no text limit for the value of a parameter (length checks only).</li>
+<li><strong>phone</strong>: specifies that the value of a parameter can be text in telephone number format only.</li>
+<li><strong>email</strong>: specifies that the value of a parameter must be text in email format only.</li>
+<li><strong>boolean</strong>: specifies that the value of a parameter must be boolean (only <em>true</em> and <em>false</em> values are allowed).</li>
+<li><strong>integer</strong>: specifies that the value of a parameter must be whole numbers only (no decimals).</li>
+<li><strong>decimal</strong>: specifies that the value of a parameter is numbers only and can include decimals.</li>
+</ul>
+</blockquote>
+<dl>
+<dt><strong>Notes</strong>:</dt>
+<dd><ul>
+<li>This attribute is relevant for parameters with <strong>array</strong> or <strong>user-input</strong> <em>valueType</em> only.</li>
+</ul>
+</dd>
+</dl></td>
+<td><ul>
+<li>alpha-numeric</li>
+<li>binary</li>
+<li>phone</li>
+<li>email</li>
+<li>boolean</li>
+<li>integer</li>
+<li>decimal</li>
+</ul></td>
+</tr>
+<tr class="even">
+<td><p><code>decodeValueAsBase64</code></p></td>
+<td><p>string</p></td>
+<td><p>Specifies whether the the system should detect or require values to be Base64 encoded:</p>
+<blockquote>
+<ul>
+<li><strong>disabled</strong>: the value will not be decoded as Base64 content.</li>
+<li><strong>enabled</strong>: the value will be checked whether it can be decoded as Base64 and, if so, security checks will be performed on the decoded value.</li>
+<li><strong>required</strong>: the value must be decoded as Base64. Security checks will be performed on the decoded value.</li>
+</ul>
+</blockquote>
+<dl>
+<dt><strong>Notes</strong>:</dt>
+<dd><ul>
+<li>This attribute is relevant for parameters with <strong>binary</strong>, <strong>auto-detect</strong>, or <strong>user-input</strong> <em>valueType</em> only.</li>
+</ul>
+</dd>
+</dl></td>
+<td><ul>
+<li>disabled</li>
+<li>enabled</li>
+<li>required</li>
+</ul></td>
+</tr>
+<tr class="odd">
+<td><code>disallowFileUploadOfExecutables</code></td>
+<td>boolean</td>
+<td>Determines whether a parameter's value cannot have binary executable content. This attribute is relevant only for parameters with <strong>binary</strong> <em>dataType</em>.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>enableRegularExpression</code></td>
+<td>boolean</td>
+<td>Determines whether the parameter value includes the pattern defined in <em>regularExpression</em>. This attribute is relevant only for parameters with <strong>alpha-numeric</strong> <em>dataType</em>.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>exclusiveMax</code></td>
+<td>boolean</td>
+<td>Determines whether the maximum value defined in <em>maximumValue</em> attribute is exclusive. This attribute is relevant only if <em>checkMaxValue</em> is set to <strong>true</strong>.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>exclusiveMin</code></td>
+<td>boolean</td>
+<td>Determines whether a minimum value defined in <em>minimumValue</em> attribute is exclusive. This attribute is relevant only if <em>checkMinValue</em> is set to <strong>true</strong>.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>explodeObjectSerialization</code></td>
+<td>boolean</td>
+<td>Specifies whether an array or object parameters should have separate values for each array item or object property. This attribute is relevant only if <em>objectSerializationStyle</em> is defined.
+<dl>
+<dt><strong>Notes</strong>:</dt>
+<dd><ul>
+<li>This attribute is not relevant for parameters with <strong>deep-object</strong>, <strong>space-delimited</strong> or <strong>pipe-delimited</strong> <em>objectSerializationStyle</em>.</li>
+</ul>
+</dd>
+</dl></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>hostNameRepresentation</code></td>
+<td>string</td>
+<td></td>
+<td><ul>
+<li>any</li>
+<li>domain-name</li>
+<li>ip-address</li>
+</ul></td>
+</tr>
+<tr class="odd">
+<td><code>isCookie</code></td>
+<td>boolean</td>
+<td>Determines whether a parameter is located in the value of Cookie header. <em>parameterLocation</em> attribute is ignored if <strong>isCookie</strong> is set to <em>true</em>.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>isHeader</code></td>
+<td>boolean</td>
+<td>Determines whether a parameter is located in headers as one of the headers. <em>parameterLocation</em> attribute is ignored if <strong>isHeader</strong> is set to <em>true</em>.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>level</code></td>
+<td>string</td>
+<td>Specifies whether the parameter is associated with a URL, a flow, or neither.</td>
+<td><ul>
+<li>global</li>
+<li>url</li>
+</ul></td>
+</tr>
+<tr class="even">
+<td><code>mandatory</code></td>
+<td>boolean</td>
+<td>Determines whether a parameter must exist in the request.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>maxItemsInArray</code></td>
+<td>integer minimum: 0</td>
+<td>Determines the restriction for the maximum number of items in an array parameter. This attribute is relevant only if <em>checkMaxItemsInArray</em> is set to <strong>true</strong>.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>maximumLength</code></td>
+<td>integer minimum: 0</td>
+<td>Determines the restriction for the maximum length of parameter's value. This attribute is relevant only if <em>checkMaxValueLength</em> is set to <strong>true</strong>.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>maximumValue</code></td>
+<td>number</td>
+<td>Determines the restriction for the maximum value of parameter. This attribute is relevant only if <em>checkMaxValue</em> is set to <strong>true</strong>.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>metacharsOnParameterValueCheck</code></td>
+<td>boolean</td>
+<td>Determines whether disallowed metacharacters must be detected in a parameter's value. This attribute is relevant only for parameters with <strong>alpha-numeric</strong> <em>dataType</em>.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>minItemsInArray</code></td>
+<td>integer minimum: 0</td>
+<td>Determines the restriction for the minimum number of items in an array parameter. This attribute is relevant only if <em>checkMinItemsInArray</em> is set to <strong>true</strong>.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>minimumLength</code></td>
+<td>integer minimum: 0</td>
+<td>Determines the restriction for the minimum length of parameter's value. This attribute is relevant only if <em>checkMinValueLength</em> is set to <strong>true</strong>.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>minimumValue</code></td>
+<td>number</td>
+<td>Determines the restriction for the minimum value of a parameter. This attribute is relevant only if <em>checkMinValue</em> is set to <strong>true</strong>.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>multipleOf</code></td>
+<td>number</td>
+<td>Determines the number by which a parameter's value is divisible without remainder. This number must be positive and it may be a floating-point number. This attribute is relevant only if <em>checkMultipleOfValue</em> is set to <strong>true</strong>.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><p><code>name</code></p></td>
+<td><p>string</p></td>
+<td><p>Specifies the name of a parameter which must be permitted in requests. Format of parameter name attribute differs depending on <em>type</em> attribute: - <strong>explicit</strong> <em>type</em>: name of permitted parameter in request should literally match. - <strong>wildcard</strong> <em>type</em>: name of permitted parameter in request should match wildcard expression.</p>
+<p>The syntax for wildcard entities is based on shell-style wildcard characters. The list below describes the wildcard characters that you can use so that the entity name can match multiple objects.</p>
+<blockquote>
+<ul>
+<li><strong>*</strong>: Matches all characters</li>
+<li><strong>?</strong>: Matches any single character</li>
+<li><strong>[abcde]</strong>: Matches exactly one of the characters listed</li>
+<li><strong>[!abcde]</strong>: Matches any character not listed</li>
+<li><strong>[a-e]</strong>: Matches exactly one character in the range</li>
+<li><strong>[!a-e]</strong>: Matches any character not in the range</li>
+</ul>
+</blockquote>
+<dl>
+<dt><strong>Notes</strong>:</dt>
+<dd><ul>
+<li>Wildcards do not match regular expressions. Do not use a regular expression as a wildcard.</li>
+<li>Empty parameter name is allowed for <strong>explicit</strong> <em>type</em></li>
+</ul>
+</dd>
+</dl></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><a href="#policy/parameters/nameMetacharOverrides">nameMetacharOverrides</a></td>
+<td>array of objects</td>
+<td>Determines metacharacters whose security policy settings are overridden for this parameter, and which action the security policy takes when it discovers a request for this parameter that has these metacharacters in the name. This attribute is relevant only if <em>checkMetachars</em> is set to <strong>true</strong>.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><p><code>objectSerializationStyle</code></p></td>
+<td><p>string</p></td>
+<td><p>Specifies the type of serialization for an object or complex array parameter. Serialization defines how multiple values are delimited - format that can be transmitted and reconstructed later:</p>
+<blockquote>
+<ul>
+<li><strong>pipe-delimited</strong>: pipe-separated values. Object color={"R":100,"G":200} -&gt; color=RG|200.</li>
+<li><strong>form</strong>: ampersand-separated values. Object color={"R":100,"G":200} -&gt; color=R,100,G,200 if <em>explodeObjectSerialization</em> set to <strong>false</strong> or -&gt; R=100&amp;G=200 if <em>explodeObjectSerialization</em> set to <strong>true</strong>.</li>
+<li><strong>space-delimited</strong>: space-separated values. Object color={"R":100,"G":200} -&gt; color=R 100 G 200.</li>
+<li><strong>deep-object</strong>: rendering nested objects. Object color={"R":100,"G":200} -&gt; color[R]=100&amp;color[G]=200.</li>
+<li><strong>matrix</strong>: semicolon-prefixed values. Object color={"R":100,"G":200} -&gt; ;color=R,100,G,200 if <em>explodeObjectSerialization</em> set to <strong>false</strong> or -&gt; ;R=100;G=200 if <em>explodeObjectSerialization</em> set to <strong>true</strong>.</li>
+<li><strong>simple</strong>: comma-separated values. Object color={"R":100,"G":200} -&gt; R,100,G,200 if <em>explodeObjectSerialization</em> set to <strong>false</strong> or -&gt; R=100,G=200 if <em>explodeObjectSerialization</em> set to <strong>true</strong>.</li>
+<li><strong>label</strong>: dot-prefixed values. Object color={"R":100,"G":200} -&gt; .R.100.G.200 if <em>explodeObjectSerialization</em> set to <strong>false</strong> or -&gt; .R=100.G=200 if <em>explodeObjectSerialization</em> set to <strong>true</strong>.</li>
+</ul>
+</blockquote>
+<p><strong>Notes</strong>:</p>
+<blockquote>
+<ul>
+<li>This attribute is relevant only for parameters with <strong>object</strong> or <strong>openapi-array</strong> <em>valueType</em>.</li>
+<li><strong>form</strong> serialization can be defined for a parameter with <em>query</em>, <em>form-data</em> or <em>cookie</em> locations only.</li>
+<li><strong>matrix</strong> and <strong>label</strong> serializations can be defined for an array parameter with <em>path</em> location only.</li>
+<li><strong>simple</strong> serializations can be defined for a parameter with <em>path</em> and <em>header</em> locations only.</li>
+<li><strong>deep-object</strong> serialization can be defined for a parameter with <em>query</em> or <em>form-data</em> locations only.</li>
+</ul>
+</blockquote></td>
+<td><ul>
+<li>deep-object</li>
+<li>form</li>
+<li>label</li>
+<li>matrix</li>
+<li>pipe-delimited</li>
+<li>simple</li>
+<li>space-delimited</li>
+</ul></td>
+</tr>
+<tr class="even">
+<td><code>parameterEnumValues</code></td>
+<td>array of strings</td>
+<td>Determines the set of possible parameter's values. This attribute is not relevant for parameters with <strong>phone</strong>, <strong>email</strong> or <strong>binary</strong> <em>dataType</em>.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><p><code>parameterLocation</code></p></td>
+<td><p>string</p></td>
+<td><p>Specifies location of parameter in request:</p>
+<blockquote>
+<ul>
+<li><strong>any</strong>: in query string, in POST data (body) or in URL path.</li>
+<li><strong>query</strong>: in query string.</li>
+<li><strong>form-data</strong>: in POST data (body).</li>
+<li><strong>cookie</strong>: in value of Cookie header.</li>
+<li><strong>path</strong>: in URL path.</li>
+<li><strong>header</strong>: in request headers.</li>
+</ul>
+</blockquote>
+<dl>
+<dt><strong>Notes</strong>:</dt>
+<dd><ul>
+<li><strong>path</strong> location can be defined for parameter with <strong>global</strong> <em>level</em> only.</li>
+<li><strong>path</strong>, <strong>header</strong> and <strong>cookie</strong> location can be defined for parameter with <strong>explicit</strong> <em>type</em> only.</li>
+<li><strong>header</strong> and <strong>cookie</strong> location cannot be defined for parameter with empty <em>name</em>.</li>
+</ul>
+</dd>
+</dl></td>
+<td><ul>
+<li>any</li>
+<li>cookie</li>
+<li>form-data</li>
+<li>header</li>
+<li>path</li>
+<li>query</li>
+</ul></td>
+</tr>
+<tr class="even">
+<td><code>regularExpression</code></td>
+<td>string</td>
+<td>Determines a positive regular expression (PCRE) for a parameter's value. This attribute is relevant only if <em>enableRegularExpression</em> is set to <strong>true</strong>.
+<dl>
+<dt><strong>Notes</strong>:</dt>
+<dd><ul>
+<li>The length of a regular expression is limited to 254 characters.</li>
+</ul>
+</dd>
+</dl></td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>sensitiveParameter</code></td>
+<td>boolean</td>
+<td>Determines whether a parameter is sensitive and must be not visible in logs nor in the user interface. Instead of the actual value, a string of asterisks is shown for this parameter. Use it to protect sensitive user input, such as a password or a credit card number, in a validated request.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><a href="#policy/parameters/signatureOverrides">signatureOverrides</a></td>
+<td>array of objects</td>
+<td>Determines attack signatures whose security policy settings are overridden for this parameter, and which action the security policy takes when it discovers a request for this parameter that matches these attack signatures. This attribute is relevant only if <em>signatureOverrides</em> is set to <strong>true</strong>.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>staticValues</code></td>
+<td>array of strings</td>
+<td>Determines the set of possible parameter's values. This attribute is relevant for parameters with <strong>static-content</strong> <em>valueType</em> only.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>type</code></td>
+<td>string</td>
+<td>Specifies the type of the <em>name</em> attribute.</td>
+<td><ul>
+<li>explicit</li>
+<li>wildcard</li>
+</ul></td>
+</tr>
+<tr class="odd">
+<td><a href="#policy/urls">url</a></td>
+<td>object</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><a href="#policy/parameters/valueMetacharOverrides">valueMetacharOverrides</a></td>
+<td>array of objects</td>
+<td>Determines metacharacters whose security policy settings are overridden for this parameter, and which action the security policy takes when it discovers a request parameter that has these metacharacters in its value. This attribute is relevant only if <em>metacharsOnParameterValueCheck</em> is set to <strong>true</strong>.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><p><code>valueType</code></p></td>
+<td><p>string</p></td>
+<td><p>Specifies type of parameter's value:</p>
+<blockquote>
+<ul>
+<li><strong>object</strong>: the parameter's value is complex object defined by JSON schema.</li>
+<li><strong>dynamic-content</strong>: the parameter's content changes dynamically.</li>
+<li><strong>openapi-array</strong>: the parameter's value is complex array defined by JSON schema.</li>
+<li><strong>ignore</strong>: the system does not perform validity checks on the value of the parameter.</li>
+<li><strong>static-content</strong>: the parameter has a static, or pre-defined, value(s).</li>
+<li><strong>json</strong>: the parameter's value is JSON data.</li>
+<li><strong>array</strong>: the parameter's value is array of primitives.</li>
+<li><strong>user-input</strong>: the parameter's value is provided by user-input.</li>
+<li><strong>xml</strong>: the parameter's value is XML data.</li>
+<li><strong>auto-detect</strong>: the parameter's value can be user-input, XML data or JSON data. The system automatically classifies the type of value.</li>
+<li><strong>dynamic-parameter-name</strong>: the parameter's name changes dynamically.</li>
+</ul>
+</blockquote>
+<dl>
+<dt><strong>Notes</strong>:</dt>
+<dd><ul>
+<li><strong>dynamic-parameter-name</strong> value type can be defined for a parameter with <strong>flow</strong> <em>level</em> and <strong>explicit</strong> <em>type</em> only.</li>
+<li><strong>dynamic-content</strong> value type can be defined for a parameter with <strong>explicit</strong> <em>type</em> only.</li>
+</ul>
+</dd>
+</dl></td>
+<td><ul>
+<li>array</li>
+<li>auto-detect</li>
+<li>ignore</li>
+<li>json</li>
+<li>object</li>
+<li>openapi-array</li>
+<li>static-content</li>
+<li>user-input</li>
+<li>xml</li>
+</ul></td>
+</tr>
+<tr class="even">
+<td><code>wildcardOrder</code></td>
+<td>integer</td>
+<td>Specifies the order in which wildcard entities are organized. Matching of an enforced parameter with a defined wildcard parameter happens based on order from smaller to larger.</td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h3 id="policy/parameters/contentProfile">contentProfile</h3>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><a href="#policy/parameters/contentProfile/contentProfile">contentProfile</a></td>
+<td>object</td>
+<td></td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h4 id="policy/parameters/contentProfile/contentProfile">contentProfile</h4>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>name</code></td>
+<td>string</td>
+<td></td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h3 id="policy/parameters/nameMetacharOverrides">nameMetacharOverrides</h3>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>isAllowed</code></td>
+<td>boolean</td>
+<td>Specifies permission of <em>metachar</em> - when <em>false</em>, then character is prohibited.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>metachar</code></td>
+<td>string</td>
+<td>Specifies character in hexadecimal format with special allowance.</td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h3 id="policy/parameters/signatureOverrides">signatureOverrides</h3>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>enabled</code></td>
+<td>boolean</td>
+<td>Specifies, when true, that the overridden signature is enforced</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>name</code></td>
+<td>string</td>
+<td>The signature name which, along with the signature tag, identifies the signature.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>signatureId</code></td>
+<td>integer</td>
+<td>The signature ID which identifies the signature.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>tag</code></td>
+<td>string</td>
+<td>The signature tag which, along with the signature name, identifies the signature.</td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h3 id="policy/parameters/valueMetacharOverrides">valueMetacharOverrides</h3>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>isAllowed</code></td>
+<td>boolean</td>
+<td>Specifies permission of <em>metachar</em> - when <em>false</em>, then character is prohibited.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>metachar</code></td>
+<td>string</td>
+<td>Specifies character in hexadecimal format with special allowance.</td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h2 id="policy/response-pages">response-pages</h2>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>ajaxActionType</code></td>
+<td>string</td>
+<td><dl>
+<dt>Which content, or URL, the system sends to the client as a response to an AJAX request that does not comply with the security policy.</dt>
+<dd><ul>
+<li><strong>alert-popup</strong>: The system opens a message as a popup screen. Type the message the system displays in the popup screen, or leave the default text.</li>
+<li><strong>custom</strong>: A response text that will replace the frame or page which generated the AJAX request. The system provides additional options where you can type the response body you prefer.</li>
+<li><strong>redirect</strong>: The system redirects the user to a specific web page instead of viewing a response page. Type the web page's full URL path, for example, <a href="http://www.redirectpage.com">http://www.redirectpage.com</a>.</li>
+</ul>
+</dd>
+</dl></td>
+<td><ul>
+<li>alert-popup</li>
+<li>custom</li>
+<li>redirect</li>
+</ul></td>
+</tr>
+<tr class="even">
+<td><code>ajaxCustomContent</code></td>
+<td>string</td>
+<td>Custom message typed by user as a response for blocked AJAX request.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>ajaxEnabled</code></td>
+<td>boolean</td>
+<td>When enabled, the system injects JavaScript code into responses. You must enable this toggle in order to configure an Application Security Manager AJAX response page which is returned when the system detects an AJAX request that does not comply with the security policy.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>ajaxPopupMessage</code></td>
+<td>string</td>
+<td>Default message provided by the system as a response for blocked AJAX request. Can be manipulated by user, but &lt;%TS.request.ID()%&gt; must be included in this message.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>ajaxRedirectUrl</code></td>
+<td>string</td>
+<td>The system redirects the user to a specific web page instead of viewing a response page. Type the web page's full URL path, for example, <a href="http://www.redirectpage.com">http://www.redirectpage.com</a>. To redirect the blocking page to a URL with a support ID in the query string, type the URL and the support ID in the following format: <a href="http://www.example.com/blocking_page.php?support_id=">http://www.example.com/blocking_page.php?support_id=</a>&lt;%TS.request.ID()%&gt;. The system replaces &lt;%TS.request.ID%&gt; with the relevant support ID so that the blocked request is redirected to the URL with the relevant support ID.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>grpcStatusCode</code></td>
+<td><ul>
+<li>integer</li>
+<li>string</li>
+</ul></td>
+<td></td>
+<td><ul>
+<li>Integer values</li>
+<li>"ABORTED"</li>
+</ul></td>
+</tr>
+<tr class="odd">
+<td><code>grpcStatusMessage</code></td>
+<td>string</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>responseActionType</code></td>
+<td>string</td>
+<td><dl>
+<dt>Which action the system takes, and which content the system sends to the client, as a response when the security policy blocks the client request.</dt>
+<dd><ul>
+<li><strong>custom</strong>: The system returns a response page with HTML code that the user defines.</li>
+<li><strong>default</strong>: The system returns the system-supplied response page in HTML. No further configuration is needed.</li>
+<li><strong>erase-cookies</strong>: The system deletes all client side domain cookies. This is done in order to block web application users once, and not from the entire web application. The system displays this text in the response page. You cannot edit this text.</li>
+<li><strong>redirect</strong>: The system redirects the user to a specific web page instead of viewing a response page. The system provides an additional setting where you can indicate the redirect web page.</li>
+<li><strong>soap-fault</strong>: Displays the system-supplied response written in SOAP fault message structure. Use this type when a SOAP request is blocked due to an XML related violation. You cannot edit this text.</li>
+</ul>
+</dd>
+</dl></td>
+<td><ul>
+<li>custom</li>
+<li>default</li>
+<li>erase-cookies</li>
+<li>redirect</li>
+<li>soap-fault</li>
+</ul></td>
+</tr>
+<tr class="odd">
+<td><code>responseContent</code></td>
+<td>string</td>
+<td>The content the system sends to the client in response to an illegal blocked request.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>responseHeader</code></td>
+<td>string</td>
+<td>The response headers that the system sends to the client as a response to an illegal blocked request.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>responsePageType</code></td>
+<td>string</td>
+<td><dl>
+<dt>The different types of blocking response pages which are available from the system:</dt>
+<dd><ul>
+<li><strong>ajax</strong>: The system sends the AJAX Blocking Response Page when the security policy blocks an AJAX request that does not comply with the security policy.</li>
+<li><strong>default</strong>: The system sends the default response when the security policy blocks a client request.</li>
+<li><strong>graphql</strong>: The system sends the GraphQL response when the security policy blocks a client request that contains GraphQL message that does not comply with the settings of a GraphQL profile configured in the security policy.</li>
+<li><strong>grpc</strong>: The system sends the gRPC response when the security policy blocks a client request that contains gRPC message that does not comply with the settings of a gRPC profile configured in the security policy.</li>
+<li><strong>xml</strong>: The system sends the XML response page when the security policy blocks a client request that contains XML content that does not comply with the settings of an XML profile configured in the security policy.</li>
+</ul>
+</dd>
+</dl></td>
+<td><ul>
+<li>ajax</li>
+<li>default</li>
+<li>graphql</li>
+<li>grpc</li>
+<li>xml</li>
+</ul></td>
+</tr>
+<tr class="even">
+<td><code>responseRedirectUrl</code></td>
+<td>string</td>
+<td>The particular URL to which the system redirects the user. To redirect the blocking page to a URL with a support ID in the query string, type the URL and the support ID in the following format: <a href="http://www.example.com/blocking_page.php?support_id=">http://www.example.com/blocking_page.php?support_id=</a>&lt;%TS.request.ID()%&gt;. The system replaces &lt;%TS.request.ID%&gt; with the relevant support ID so that the blocked request is redirected to the URL with the relevant support ID.</td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h2 id="policy/sensitive-parameters">sensitive-parameters</h2>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>name</code></td>
+<td>string</td>
+<td>Name of a parameter whose values the system should consider sensitive.</td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h2 id="policy/server-technologies">server-technologies</h2>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>serverTechnologyName</code></td>
+<td>string</td>
+<td>Specifies the name of the selected policy. For example, PHP will add attack signatures that cover known PHP vulnerabilities.</td>
+<td><ul>
+<li>ASP</li>
+<li>ASP.NET</li>
+<li>AngularJS</li>
+<li>Apache Struts</li>
+<li>Apache Tomcat</li>
+<li>Apache/NCSA HTTP Server</li>
+<li>BEA Systems WebLogic Server</li>
+<li>Backbone.js</li>
+<li>CGI</li>
+<li>Cisco</li>
+<li>Citrix</li>
+<li>CodeIgniter</li>
+<li>CouchDB</li>
+<li>Django</li>
+<li>Elasticsearch</li>
+<li>Ember.js</li>
+<li>Express.js</li>
+<li>Front Page Server Extensions (FPSE)</li>
+<li>Google Web Toolkit</li>
+<li>GraphQL</li>
+<li>Handlebars</li>
+<li>IBM DB2</li>
+<li>IIS</li>
+<li>JBoss</li>
+<li>Java Servlets/JSP</li>
+<li>JavaScript</li>
+<li>JavaServer Faces (JSF)</li>
+<li>Jenkins</li>
+<li>Jetty</li>
+<li>Joomla</li>
+<li>Laravel</li>
+<li>Lotus Domino</li>
+<li>Macromedia ColdFusion</li>
+<li>Macromedia JRun</li>
+<li>Microsoft SQL Server</li>
+<li>Microsoft Windows</li>
+<li>MongoDB</li>
+<li>MooTools</li>
+<li>Mustache</li>
+<li>MySQL</li>
+<li>Neo4J</li>
+<li>Nginx</li>
+<li>Node.js</li>
+<li>Novell</li>
+<li>Oracle</li>
+<li>Oracle Application Server</li>
+<li>Oracle Identity Manager</li>
+<li>Outlook Web Access</li>
+<li>PHP</li>
+<li>PostgreSQL</li>
+<li>Prototype</li>
+<li>Proxy Servers</li>
+<li>Python</li>
+<li>React</li>
+<li>Redis</li>
+<li>RequireJS</li>
+<li>Ruby</li>
+<li>SQLite</li>
+<li>SSI (Server Side Includes)</li>
+<li>SharePoint</li>
+<li>Spring Boot</li>
+<li>Svelte</li>
+<li>Sybase/ASE</li>
+<li>TYPO3 CMS</li>
+<li>UIKit</li>
+<li>Underscore.js</li>
+<li>Unix/Linux</li>
+<li>Vue.js</li>
+<li>WebDAV</li>
+<li>WordPress</li>
+<li>XML</li>
+<li>ZURB Foundation</li>
+<li>Zend</li>
+<li>ef.js</li>
+<li>jQuery</li>
+</ul></td>
+</tr>
+</tbody>
+</table>
+<h2 id="policy/signature-requirements">signature-requirements</h2>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>maxRevisionDatetime</code></td>
+<td>string</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>minRevisionDatetime</code></td>
+<td>string</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>tag</code></td>
+<td>string</td>
+<td></td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h2 id="policy/signature-sets">signature-sets</h2>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>alarm</code></td>
+<td>boolean</td>
+<td>If enabled - when a signature from this signature set is detected in a request - the request is logged.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>block</code></td>
+<td>boolean</td>
+<td>If enabled - when a signature from this signature set is detected in a request - the request is blocked.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>learn</code></td>
+<td>boolean</td>
+<td>If enabled - when a signature from this signature set is detected in a request -the policy builder creates a learning suggestion to disable it.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>name</code></td>
+<td>string</td>
+<td>Signature set name.</td>
+<td><ul>
+<li>All Response Signatures</li>
+<li>All Signatures</li>
+<li>Authentication/Authorization Attack Signatures</li>
+<li>Buffer Overflow Signatures</li>
+<li>CVE Signatures</li>
+<li>Command Execution Signatures</li>
+<li>Cross Site Scripting Signatures</li>
+<li>Denial of Service Signatures</li>
+<li>Directory Indexing Signatures</li>
+<li>Generic Detection Signatures</li>
+<li>Generic Detection Signatures (High Accuracy)</li>
+<li>Generic Detection Signatures (High/Medium Accuracy)</li>
+<li>HTTP Response Splitting Signatures</li>
+<li>High Accuracy Detection Evasion Signatures</li>
+<li>High Accuracy Signatures</li>
+<li>Information Leakage Signatures</li>
+<li>Low Accuracy Signatures</li>
+<li>Medium Accuracy Signatures</li>
+<li>OS Command Injection Signatures</li>
+<li>OWA Signatures</li>
+<li>Other Application Attacks Signatures</li>
+<li>Path Traversal Signatures</li>
+<li>Predictable Resource Location Signatures</li>
+<li>Remote File Include Signatures</li>
+<li>SQL Injection Signatures</li>
+<li>Server Side Code Injection Signatures</li>
+<li>Vulnerability Scan Signatures</li>
+<li>WebSphere signatures</li>
+<li>XML External Entities (XXE) Signatures</li>
+<li>XPath Injection Signatures</li>
+</ul></td>
+</tr>
+<tr class="odd">
+<td><a href="#policy/signature-sets/signatureSet">signatureSet</a></td>
+<td>object</td>
+<td>Defines signature set.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>stagingCertificationDatetime</code></td>
+<td>string</td>
+<td></td>
+<td><ul>
+<li></li>
+</ul></td>
+</tr>
+</tbody>
+</table>
+<h3 id="policy/signature-sets/signatureSet">signatureSet</h3>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><a href="#policy/signature-sets/signatureSet/filter">filter</a></td>
+<td>object</td>
+<td>Specifies filter that defines signature set.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><a href="#policy/signature-sets/signatureSet/signatures">signatures</a></td>
+<td>array of objects</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><a href="#policy/signature-sets/signatureSet/systems">systems</a></td>
+<td>array of objects</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>type</code></td>
+<td>string</td>
+<td></td>
+<td><ul>
+<li>filter-based</li>
+<li>manual</li>
+</ul></td>
+</tr>
+</tbody>
+</table>
+<h4 id="policy/signature-sets/signatureSet/filter">filter</h4>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>accuracyFilter</code></td>
+<td>string</td>
+<td></td>
+<td><ul>
+<li>all</li>
+<li>eq</li>
+<li>ge</li>
+<li>le</li>
+</ul></td>
+</tr>
+<tr class="even">
+<td><code>accuracyValue</code></td>
+<td>string</td>
+<td></td>
+<td><ul>
+<li>all</li>
+<li>high</li>
+<li>low</li>
+<li>medium</li>
+</ul></td>
+</tr>
+<tr class="odd">
+<td><a href="#policy/signature-sets/signatureSet/filter/attackType">attackType</a></td>
+<td>object</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>hasCve</code></td>
+<td>string</td>
+<td></td>
+<td><ul>
+<li>all</li>
+<li>no</li>
+<li>yes</li>
+</ul></td>
+</tr>
+<tr class="odd">
+<td><code>lastUpdatedFilter</code></td>
+<td>string</td>
+<td></td>
+<td><ul>
+<li>after</li>
+<li>all</li>
+<li>before</li>
+</ul></td>
+</tr>
+<tr class="even">
+<td><code>lastUpdatedValue</code></td>
+<td>string</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>riskFilter</code></td>
+<td>string</td>
+<td></td>
+<td><ul>
+<li>all</li>
+<li>eq</li>
+<li>ge</li>
+<li>le</li>
+</ul></td>
+</tr>
+<tr class="even">
+<td><code>riskValue</code></td>
+<td>string</td>
+<td></td>
+<td><ul>
+<li>all</li>
+<li>high</li>
+<li>low</li>
+<li>medium</li>
+</ul></td>
+</tr>
+<tr class="odd">
+<td><code>signatureType</code></td>
+<td>string</td>
+<td></td>
+<td><ul>
+<li>all</li>
+<li>request</li>
+<li>response</li>
+</ul></td>
+</tr>
+<tr class="even">
+<td><p><code>tagFilter</code></p></td>
+<td><p>string</p></td>
+<td><p>Filter by signature tagValue.</p>
+<blockquote>
+<ul>
+<li><strong>all</strong>: no filter applied.</li>
+<li><strong>eq</strong>: only signatures with a tag that equals tagValue are added to the signature set.</li>
+<li><strong>untagged</strong>: only signatures without a tag are added to the signature set.</li>
+</ul>
+</blockquote></td>
+<td><ul>
+<li>all</li>
+<li>eq</li>
+<li>untagged</li>
+</ul></td>
+</tr>
+<tr class="odd">
+<td><code>tagValue</code></td>
+<td>string</td>
+<td>Value for the tagFilter. Relevant only for the <strong>eq</strong> value of tagFilter.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>userDefinedFilter</code></td>
+<td>string</td>
+<td></td>
+<td><ul>
+<li>all</li>
+<li>no</li>
+<li>yes</li>
+</ul></td>
+</tr>
+</tbody>
+</table>
+<h5 id="policy/signature-sets/signatureSet/filter/attackType">attackType</h5>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>name</code></td>
+<td>string</td>
+<td></td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h4 id="policy/signature-sets/signatureSet/signatures">signatures</h4>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>name</code></td>
+<td>string</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>signatureId</code></td>
+<td>integer</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>tag</code></td>
+<td>string</td>
+<td></td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h4 id="policy/signature-sets/signatureSet/systems">systems</h4>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>name</code></td>
+<td>string</td>
+<td></td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h2 id="policy/signature-settings">signature-settings</h2>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>minimumAccuracyForAutoAddedSignatures</code></td>
+<td>string</td>
+<td></td>
+<td><ul>
+<li>high</li>
+<li>low</li>
+<li>medium</li>
+</ul></td>
+</tr>
+<tr class="even">
+<td><code>signatureStaging</code></td>
+<td>boolean</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>stagingCertificationDatetime</code></td>
+<td>string</td>
+<td></td>
+<td><ul>
+<li></li>
+</ul></td>
+</tr>
+</tbody>
+</table>
+<h2 id="policy/signatures">signatures</h2>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>enabled</code></td>
+<td>boolean</td>
+<td>Specifies, if true, that the signature is enabled on the security policy. When false, the signature is disable on the security policy.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>learn</code></td>
+<td>boolean</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>name</code></td>
+<td>string</td>
+<td>The signature name which, along with the signature tag, identifies the signature.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>performStaging</code></td>
+<td>boolean</td>
+<td>Specifies, if true, that the signature is in staging. The system does not enforce signatures in staging. Instead, the system records the request information and keeps it for a period of time (the Enforcement Readiness Period whose default time period is 7 days). Specifies, when false, that the staging feature is not in use, and that the system enforces the signatures' Learn/Alarm/Block settings immediately. (Blocking is performed only if the security policy's enforcement mode is Blocking.)</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>signatureId</code></td>
+<td>integer</td>
+<td>The signature ID which identifies the signature.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>tag</code></td>
+<td>string</td>
+<td>The signature tag which, along with the signature name, identifies the signature.</td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h2 id="policy/threat-campaigns">threat-campaigns</h2>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>displayName</code></td>
+<td>string</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>isEnabled</code></td>
+<td>boolean</td>
+<td>If enabled - threat campaign is enforced in the security policy.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>name</code></td>
+<td>string</td>
+<td>Name of the threat campaign.</td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h2 id="policy/urls">urls</h2>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><a href="#policy/access-profiles">accessProfile</a></td>
+<td>object</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>allowRenderingInFrames</code></td>
+<td>string</td>
+<td>Specifies the conditions for when the browser should allow this URL to be rendered in a frame or iframe. never: Specifies that this URL must never be rendered in a frame or iframe. The web application instructs browsers to hide, or disable, frame and iframe parts of this URL. only-same: Specifies that the browser may load the frame or iframe if the referring page is from the same protocol, port, and domain as this URL. This limits the user to navigate only within the same web application.</td>
+<td><ul>
+<li>never</li>
+<li>only-same</li>
+</ul></td>
+</tr>
+<tr class="odd">
+<td><code>allowRenderingInFramesOnlyFrom</code></td>
+<td>string</td>
+<td>Specifies that the browser may load the frame or iframe from a specified domain. Type the protocol and domain in URL format for example, <a href="http://www.mywebsite.com">http://www.mywebsite.com</a>. Do not enter a sub-URL, such as <a href="http://www.mywebsite.com/index">http://www.mywebsite.com/index</a>.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>attackSignaturesCheck</code></td>
+<td>boolean</td>
+<td>Specifies, when true, that you want attack signatures and threat campaigns to be detected on this URL and possibly override the security policy settings of an attack signature or threat campaign specifically for this URL. After you enable this setting, the system displays a list of attack signatures and threat campaigns.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><a href="#policy/urls/authorizationRules">authorizationRules</a></td>
+<td>array of objects</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>canChangeDomainCookie</code></td>
+<td>boolean</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>clickjackingProtection</code></td>
+<td>boolean</td>
+<td>Specifies that the system adds the X-Frame-Options header to the domain URL's response header. This is done to protect the web application against clickjacking. Clickjacking occurs when an attacker lures a user to click illegitimate frames and iframes because the attacker hid them on legitimate visible website buttons. Therefore, enabling this option protects the web application from other web sites hiding malicious code behind them. The default is disabled. After you enable this option, you can select whether, and under what conditions, the browser should allow this URL to be rendered in a frame or iframe.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>disallowFileUploadOfExecutables</code></td>
+<td>boolean</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><a href="#policy/urls/html5CrossOriginRequestsEnforcement">html5CrossOriginRequestsEnforcement</a></td>
+<td>object</td>
+<td>The system extracts the Origin (domain) of the request from the Origin header.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>isAllowed</code></td>
+<td>boolean</td>
+<td>If <em>true</em>, the URLs allowed by the security policy.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>mandatoryBody</code></td>
+<td>boolean</td>
+<td>A request body is mandatory. This is relevant for any method acting as POST.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><a href="#policy/urls/metacharOverrides">metacharOverrides</a></td>
+<td>array of objects</td>
+<td>To allow or disallow specific meta characters in the name of this specific URL (and thus override the global meta character settings).</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>metacharsOnUrlCheck</code></td>
+<td>boolean</td>
+<td>Specifies, when true, that you want meta characters to be detected on this URL and possibly override the security policy settings of a meta character specifically for this URL. After you enable this setting, the system displays a list of meta characters.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>method</code></td>
+<td>string</td>
+<td>Unique ID of a URL with a protocol type and name. Select a Method for the URL to create an API endpoint: URL + Method.</td>
+<td><ul>
+<li>ACL</li>
+<li>BCOPY</li>
+<li>BDELETE</li>
+<li>BMOVE</li>
+<li>BPROPFIND</li>
+<li>BPROPPATCH</li>
+<li>CHECKIN</li>
+<li>CHECKOUT</li>
+<li>CONNECT</li>
+<li>COPY</li>
+<li>DELETE</li>
+<li>GET</li>
+<li>HEAD</li>
+<li>LINK</li>
+<li>LOCK</li>
+<li>MERGE</li>
+<li>MKCOL</li>
+<li>MKWORKSPACE</li>
+<li>MOVE</li>
+<li>NOTIFY</li>
+<li>OPTIONS</li>
+<li>PATCH</li>
+<li>POLL</li>
+<li>POST</li>
+<li>PROPFIND</li>
+<li>PROPPATCH</li>
+<li>PUT</li>
+<li>REPORT</li>
+<li>RPC_IN_DATA</li>
+<li>RPC_OUT_DATA</li>
+<li>SEARCH</li>
+<li>SUBSCRIBE</li>
+<li>TRACE</li>
+<li>TRACK</li>
+<li>UNLINK</li>
+<li>UNLOCK</li>
+<li>UNSUBSCRIBE</li>
+<li>VERSION_CONTROL</li>
+<li>X-MS-ENUMATTS</li>
+<li>*</li>
+</ul></td>
+</tr>
+<tr class="odd">
+<td><a href="#policy/urls/methodOverrides">methodOverrides</a></td>
+<td>array of objects</td>
+<td>Specifies a list of methods that are allowed or disallowed for a specific URL. The list overrides the list of methods allowed or disallowed globally at the policy level.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>methodsOverrideOnUrlCheck</code></td>
+<td>boolean</td>
+<td>Specifies, when true, that you want methods to be detected on this URL and possibly override the security policy settings of a method specifically for this URL. After you enable this setting, the system displays a list of methods.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><p><code>name</code></p></td>
+<td><p>string</p></td>
+<td><p>Specifies an HTTP URL that the security policy allows. The available types are:</p>
+<blockquote>
+<ul>
+<li><strong>Explicit</strong>: Specifies that the URL has a specific name and is not a wildcard entity. Type the name of a URL exactly as you expect it to appear in the request.</li>
+<li><strong>Wildcard</strong>: Specifies that any URL that matches the listed wildcard expression should be treated according to the wildcard attributes. Type a wildcard expression that matches the expected URL. For example, entering the wildcard expression * specifies that any URL is allowed by the security policy.</li>
+</ul>
+</blockquote>
+<p>The syntax for wildcard entities is based on shell-style wildcard characters. The list below describes the wildcard characters that you can use so that the entity name can match multiple objects.</p>
+<blockquote>
+<ul>
+<li><strong>*</strong>: Matches all characters</li>
+<li><strong>?</strong>: Matches any single character</li>
+<li><strong>[abcde]</strong>: Matches exactly one of the characters listed</li>
+<li><strong>[!abcde]</strong>: Matches any character not listed</li>
+<li><strong>[a-e]</strong>: Matches exactly one character in the range</li>
+<li><strong>[!a-e]</strong>: Matches any character not in the range</li>
+</ul>
+</blockquote>
+<p><strong>Note</strong>: Wildcards do not match regular expressions. Do not use a regular expression as a wildcard.</p></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>operationId</code></td>
+<td>string</td>
+<td>The attribute operationId is used as an OpenAPI endpoint identifier.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><a href="#policy/urls/positionalParameters">positionalParameters</a></td>
+<td>array of objects</td>
+<td>When checked (enabled), positional parameters are enabled in the URL.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>protocol</code></td>
+<td>string</td>
+<td>Specifies whether the protocol for the URL is HTTP or HTTPS.</td>
+<td><ul>
+<li>http</li>
+<li>https</li>
+</ul></td>
+</tr>
+<tr class="odd">
+<td><a href="#policy/urls/signatureOverrides">signatureOverrides</a></td>
+<td>array of objects</td>
+<td>Array of signature overrides. Specifies attack signatures whose security policy settings are overridden for this URL, and which action the security policy takes when it discovers a request for this URL that matches these attack signatures.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>type</code></td>
+<td>string</td>
+<td>Determines the type of the <strong>name</strong> attribute. Only when setting the type to wildcard will the special wildcard characters in the name be interpreted as such.</td>
+<td><ul>
+<li>explicit</li>
+<li>wildcard</li>
+</ul></td>
+</tr>
+<tr class="odd">
+<td><a href="#policy/urls/urlContentProfiles">urlContentProfiles</a></td>
+<td>array of objects</td>
+<td>Specifies how the system recognizes and enforces requests for this URL according to the requests' header content. The system automatically creates a default header-based content profile for HTTP, and you cannot delete it. However, requests for a URL may contain other types of content, such as JSON, XML, or other proprietary formats.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>wildcardOrder</code></td>
+<td>integer</td>
+<td>Specifies the order index for wildcard URLs matching. Wildcard URLs with lower wildcard order will get checked for a match prior to URLs with higher wildcard order.</td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h3 id="policy/urls/authorizationRules">authorizationRules</h3>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>condition</code></td>
+<td>string</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>name</code></td>
+<td>string</td>
+<td></td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h3 id="policy/urls/html5CrossOriginRequestsEnforcement">html5CrossOriginRequestsEnforcement</h3>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>allowOriginsEnforcementMode</code></td>
+<td>string</td>
+<td>Allows you to specify a list of origins allowed to share data returned by this URL.</td>
+<td><ul>
+<li>replace-with</li>
+<li>unmodified</li>
+</ul></td>
+</tr>
+<tr class="even">
+<td><code>checkAllowedMethods</code></td>
+<td>boolean</td>
+<td>Allows you to specify a list of methods that other web applications hosted in different domains can use when requesting this URL.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><a href="#policy/urls/html5CrossOriginRequestsEnforcement/crossDomainAllowedOrigin">crossDomainAllowedOrigin</a></td>
+<td>array of objects</td>
+<td>Allows you to specify a list of origins allowed to share data returned by this URL.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>enforcementMode</code></td>
+<td>string</td>
+<td>Specify the option to determine how to handle CORS requests. disabled: Do nothing related to cross-domain requests. Pass CORS requests exactly as set by the server. enforce: Allow cross-origin resource sharing as configured in the crossDomainAllowedOrigin setting. CORS requests are allowed from the domains specified as allowed origins.</td>
+<td><ul>
+<li>disabled</li>
+<li>enforce</li>
+</ul></td>
+</tr>
+</tbody>
+</table>
+<h4 id="policy/urls/html5CrossOriginRequestsEnforcement/crossDomainAllowedOrigin">crossDomainAllowedOrigin</h4>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>includeSubDomains</code></td>
+<td>boolean</td>
+<td>If <em>true</em>, sub-domains of the allowed origin are also allowed to receive data from your web application.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>originName</code></td>
+<td>string</td>
+<td>Type the domain name or IP address with which the URL can share data. Wildcards are allowed in the names. For example: *.f5.com will match b.f5.com; however it will not match a.b.f5.com.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>originPort</code></td>
+<td><ul>
+<li>integer minimum: 0 maximum: 65535</li>
+<li>string</li>
+</ul></td>
+<td>Select the port that other web applications can use to request data from your web application, or use the * wildcard for all ports.</td>
+<td><ul>
+<li>Integer values</li>
+<li>"all"</li>
+</ul></td>
+</tr>
+<tr class="even">
+<td><code>originProtocol</code></td>
+<td>string</td>
+<td>Select the appropriate protocol for the allowed origin.</td>
+<td><ul>
+<li>http</li>
+<li>http/https</li>
+<li>https</li>
+</ul></td>
+</tr>
+</tbody>
+</table>
+<h3 id="policy/urls/metacharOverrides">metacharOverrides</h3>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>isAllowed</code></td>
+<td>boolean</td>
+<td>If <em>true</em>, metacharacters and other characters are allowed in a URL.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>metachar</code></td>
+<td>string</td>
+<td>ASCII representation of the character in Hex format</td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h3 id="policy/urls/methodOverrides">methodOverrides</h3>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>allowed</code></td>
+<td>boolean</td>
+<td>Specifies that the system allows you to override allowed methods for this URL. When selected, the global policy settings for methods are listed, and you can change what is allowed or disallowed for this URL.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>method</code></td>
+<td>string</td>
+<td>Specifies a list of existing HTTP methods. All security policies accept standard HTTP methods by default.</td>
+<td><ul>
+<li>ACL</li>
+<li>BCOPY</li>
+<li>BDELETE</li>
+<li>BMOVE</li>
+<li>BPROPFIND</li>
+<li>BPROPPATCH</li>
+<li>CHECKIN</li>
+<li>CHECKOUT</li>
+<li>CONNECT</li>
+<li>COPY</li>
+<li>DELETE</li>
+<li>GET</li>
+<li>HEAD</li>
+<li>LINK</li>
+<li>LOCK</li>
+<li>MERGE</li>
+<li>MKCOL</li>
+<li>MKWORKSPACE</li>
+<li>MOVE</li>
+<li>NOTIFY</li>
+<li>OPTIONS</li>
+<li>PATCH</li>
+<li>POLL</li>
+<li>POST</li>
+<li>PROPFIND</li>
+<li>PROPPATCH</li>
+<li>PUT</li>
+<li>REPORT</li>
+<li>RPC_IN_DATA</li>
+<li>RPC_OUT_DATA</li>
+<li>SEARCH</li>
+<li>SUBSCRIBE</li>
+<li>TRACE</li>
+<li>TRACK</li>
+<li>UNLINK</li>
+<li>UNLOCK</li>
+<li>UNSUBSCRIBE</li>
+<li>VERSION_CONTROL</li>
+<li>X-MS-ENUMATTS</li>
+</ul></td>
+</tr>
+</tbody>
+</table>
+<h3 id="policy/urls/positionalParameters">positionalParameters</h3>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><a href="#policy/parameters">parameter</a></td>
+<td>object</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>urlSegmentIndex</code></td>
+<td>integer minimum: 1</td>
+<td>Select which to add: Text or Parameter and enter your desired segments. You can add multiple text and parameter segments.</td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h3 id="policy/urls/signatureOverrides">signatureOverrides</h3>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>enabled</code></td>
+<td>boolean</td>
+<td>Specifies, when true, that the overridden signature is enforced</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>name</code></td>
+<td>string</td>
+<td>The signature name which, along with the signature tag, identifies the signature.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>signatureId</code></td>
+<td>integer</td>
+<td>The signature ID which identifies the signature.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>tag</code></td>
+<td>string</td>
+<td>The signature tag which, along with the signature name, identifies the signature.</td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h3 id="policy/urls/urlContentProfiles">urlContentProfiles</h3>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><a href="#policy/urls/urlContentProfiles/contentProfile">contentProfile</a></td>
+<td>object</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>decodeValueAsBase64</code></td>
+<td>string</td>
+<td></td>
+<td><ul>
+<li>disabled</li>
+<li>required</li>
+</ul></td>
+</tr>
+<tr class="odd">
+<td><code>headerName</code></td>
+<td>string</td>
+<td>Specifies an explicit header name that must appear in requests for this URL. This field is not case-sensitive.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>headerOrder</code></td>
+<td><ul>
+<li>integer</li>
+<li>string</li>
+</ul></td>
+<td>Displays the order in which the system checks header content of requests for this URL.</td>
+<td><ul>
+<li>Integer values</li>
+<li>"default"</li>
+</ul></td>
+</tr>
+<tr class="odd">
+<td><code>headerValue</code></td>
+<td>string</td>
+<td>Specifies a simple pattern string (glob pattern matching) for the header value that must appear in legal requests for this URL; for example, <em>json</em>, xml_method?, or method[0-9]. If the header includes this pattern, the system assumes the request contains the type of data you select in the Request Body Handling setting. This field is case-sensitive.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>type</code></td>
+<td>string</td>
+<td><ul>
+<li><strong>Apply Content Signatures</strong>: Do not parse the content; scan the entire payload with full-content attack signatures.
+<ul>
+<li><strong>Apply Value and Content Signatures</strong>: Do not parse the content or extract parameters; process the entire payload with value and full-content attack signatures.</li>
+<li><strong>Disallow</strong>: Block requests for an URL containing this header content. Log the Illegal Request Content Type violation.</li>
+<li><strong>Do Nothing</strong>: Do not inspect or parse the content. Handle the header of the request as specified by the security policy.</li>
+<li><strong>Form Data</strong>: Parse content as posted form data in either URL-encoded or multi-part formats. Enforce the form parameters according to the policy.</li>
+<li><strong>GWT</strong>: Perform checks for data in requests, based on the configuration of the GWT (Google Web Toolkit) profile associated with this URL.</li>
+<li><strong>JSON</strong>: Review JSON data using an associated JSON profile, and use value attack signatures to scan the element values.</li>
+<li><strong>XML</strong>: Review XML data using an associated XML profile.</li>
+</ul></li>
+</ul></td>
+<td><ul>
+<li>apply-content-signatures</li>
+<li>apply-value-and-content-signatures</li>
+<li>disallow</li>
+<li>do-nothing</li>
+<li>form-data</li>
+<li>graphql</li>
+<li>grpc</li>
+<li>json</li>
+<li>xml</li>
+</ul></td>
+</tr>
+</tbody>
+</table>
+<h4 id="policy/urls/urlContentProfiles/contentProfile">contentProfile</h4>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>name</code></td>
+<td>string</td>
+<td></td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h2 id="policy/urls">urls</h2>
+<table>
+<colgroup>
+<col style="width: 23%" />
+<col style="width: 5%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Reference</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><a href="">parameters</a></td>
+<td>Yes</td>
+<td>array of objects</td>
+<td></td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h2 id="policy/xml-profiles">xml-profiles</h2>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>attackSignaturesCheck</code></td>
+<td>boolean</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><a href="#policy/xml-profiles/defenseAttributes">defenseAttributes</a></td>
+<td>object</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>description</code></td>
+<td>string</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>metacharAttributeCheck</code></td>
+<td>boolean</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>metacharElementCheck</code></td>
+<td>boolean</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><a href="#policy/xml-profiles/metacharOverrides">metacharOverrides</a></td>
+<td>array of objects</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>name</code></td>
+<td>string</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><a href="#policy/xml-profiles/signatureOverrides">signatureOverrides</a></td>
+<td>array of objects</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>useXmlResponsePage</code></td>
+<td>boolean</td>
+<td></td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h3 id="policy/xml-profiles/defenseAttributes">defenseAttributes</h3>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>allowCDATA</code></td>
+<td>boolean</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>allowDTDs</code></td>
+<td>boolean</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>allowExternalReferences</code></td>
+<td>boolean</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>allowProcessingInstructions</code></td>
+<td>boolean</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>maximumAttributeValueLength</code></td>
+<td><ul>
+<li>integer minimum: 0 maximum: 2147483647</li>
+<li>string</li>
+</ul></td>
+<td></td>
+<td><ul>
+<li>Integer values</li>
+<li>"any"</li>
+</ul></td>
+</tr>
+<tr class="even">
+<td><code>maximumAttributesPerElement</code></td>
+<td><ul>
+<li>integer minimum: 0 maximum: 2147483647</li>
+<li>string</li>
+</ul></td>
+<td></td>
+<td><ul>
+<li>Integer values</li>
+<li>"any"</li>
+</ul></td>
+</tr>
+<tr class="odd">
+<td><code>maximumChildrenPerElement</code></td>
+<td><ul>
+<li>integer minimum: 0 maximum: 2147483647</li>
+<li>string</li>
+</ul></td>
+<td></td>
+<td><ul>
+<li>Integer values</li>
+<li>"any"</li>
+</ul></td>
+</tr>
+<tr class="even">
+<td><code>maximumDocumentDepth</code></td>
+<td><ul>
+<li>integer minimum: 0 maximum: 2147483647</li>
+<li>string</li>
+</ul></td>
+<td></td>
+<td><ul>
+<li>Integer values</li>
+<li>"any"</li>
+</ul></td>
+</tr>
+<tr class="odd">
+<td><code>maximumDocumentSize</code></td>
+<td><ul>
+<li>integer minimum: 0 maximum: 2147483647</li>
+<li>string</li>
+</ul></td>
+<td></td>
+<td><ul>
+<li>Integer values</li>
+<li>"any"</li>
+</ul></td>
+</tr>
+<tr class="even">
+<td><code>maximumElements</code></td>
+<td><ul>
+<li>integer minimum: 0 maximum: 2147483647</li>
+<li>string</li>
+</ul></td>
+<td></td>
+<td><ul>
+<li>Integer values</li>
+<li>"any"</li>
+</ul></td>
+</tr>
+<tr class="odd">
+<td><code>maximumNSDeclarations</code></td>
+<td><ul>
+<li>integer minimum: 0 maximum: 2147483647</li>
+<li>string</li>
+</ul></td>
+<td></td>
+<td><ul>
+<li>Integer values</li>
+<li>"any"</li>
+</ul></td>
+</tr>
+<tr class="even">
+<td><code>maximumNameLength</code></td>
+<td><ul>
+<li>integer minimum: 0 maximum: 2147483647</li>
+<li>string</li>
+</ul></td>
+<td></td>
+<td><ul>
+<li>Integer values</li>
+<li>"any"</li>
+</ul></td>
+</tr>
+<tr class="odd">
+<td><code>maximumNamespaceLength</code></td>
+<td><ul>
+<li>integer minimum: 0 maximum: 2147483647</li>
+<li>string</li>
+</ul></td>
+<td></td>
+<td><ul>
+<li>Integer values</li>
+<li>"any"</li>
+</ul></td>
+</tr>
+<tr class="even">
+<td><code>tolerateCloseTagShorthand</code></td>
+<td>boolean</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>tolerateLeadingWhiteSpace</code></td>
+<td>boolean</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>tolerateNumericNames</code></td>
+<td>boolean</td>
+<td></td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h3 id="policy/xml-profiles/metacharOverrides">metacharOverrides</h3>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>isAllowed</code></td>
+<td>boolean</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>metachar</code></td>
+<td>string</td>
+<td></td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h3 id="policy/xml-profiles/signatureOverrides">signatureOverrides</h3>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>enabled</code></td>
+<td>boolean</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>name</code></td>
+<td>string</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>signatureId</code></td>
+<td>integer</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>tag</code></td>
+<td>string</td>
+<td></td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h3 id="policy/blocking-settings_evasions">evasions</h3>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>description</code></td>
+<td>string</td>
+<td>Human-readable name of sub-violation.</td>
+<td><ul>
+<li>%u decoding</li>
+<li>Apache whitespace</li>
+<li>Bad unescape</li>
+<li>Bare byte decoding</li>
+<li>Directory traversals</li>
+<li>IIS Unicode codepoints</li>
+<li>IIS backslashes</li>
+<li>Multiple decoding</li>
+<li>Multiple slashes</li>
+<li>Semicolon path parameters</li>
+</ul></td>
+</tr>
+<tr class="even">
+<td><code>enabled</code></td>
+<td>boolean</td>
+<td>Defines if sub-violation is enforced - alarmed or blocked, according to the 'Evasion technique detected' (VIOL_EVASION) violation blocking settings.</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>learn</code></td>
+<td>boolean</td>
+<td>Defines if sub-violation is learned. Sub-violations are learned only when learn is enabled for the 'Evasion technique detected' (VIOL_EVASION) violation.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>maxDecodingPasses</code></td>
+<td>integer minimum: 2 maximum: 5</td>
+<td>Defines how many times the system decodes URI and parameter values before the request is considered an evasion. Relevant only for the 'Multiple decoding' sub-violation.</td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h3 id="policy/blocking-settings_http-protocols">http-protocols</h3>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>description</code></td>
+<td>string</td>
+<td>Human-readable name of sub-violation</td>
+<td><ul>
+<li>POST request with Content-Length: 0</li>
+<li>Multiple host headers</li>
+<li>Host header contains IP address</li>
+<li>Null in request</li>
+<li>Header name with no header value</li>
+<li>Chunked request with Content-Length header</li>
+<li>Check maximum number of cookies</li>
+<li>Check maximum number of parameters</li>
+<li>Check maximum number of headers</li>
+<li>Body in GET or HEAD requests</li>
+<li>Bad multipart/form-data request parsing</li>
+<li>Bad multipart parameters parsing</li>
+<li>Unescaped space in URL</li>
+<li>High ASCII characters in headers</li>
+</ul></td>
+</tr>
+<tr class="even">
+<td><code>enabled</code></td>
+<td>boolean</td>
+<td>Defines if sub-violation is enforced - alarmed or blocked, according to the 'HTTP protocol compliance failed' (VIOL_HTTP_PROTOCOL) violation blocking settings</td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>learn</code></td>
+<td>boolean</td>
+<td>Defines if sub-violation is learned. Sub-violations is learned only when learn is enabled for the 'HTTP protocol compliance failed' (VIOL_HTTP_PROTOCOL) violation</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>maxCookies</code></td>
+<td>integer minimum: 1 maximum: 100</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>maxHeaders</code></td>
+<td>integer minimum: 1 maximum: 150</td>
+<td>Defines maximum allowed number of headers in request. Relevant only for the 'Check maximum number of headers' sub-violation</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>maxParams</code></td>
+<td>integer minimum: 1 maximum: 5000</td>
+<td>Defines maximum allowed number of parameters in request. Relevant only for the 'Check maximum number of parameters' sub-violation</td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h3 id="policy/blocking-settings_violations">violations</h3>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>alarm</code></td>
+<td>boolean</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>block</code></td>
+<td>boolean</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>description</code></td>
+<td>string</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>learn</code></td>
+<td>boolean</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>name</code></td>
+<td>string</td>
+<td></td>
+<td><ul>
+<li>VIOL_ACCESS_UNAUTHORIZED</li>
+<li>VIOL_ACCESS_INVALID</li>
+<li>VIOL_ACCESS_MALFORMED</li>
+<li>VIOL_ACCESS_MISSING</li>
+<li>VIOL_ASM_COOKIE_MODIFIED</li>
+<li>VIOL_BLACKLISTED_IP</li>
+<li>VIOL_BOT_CLIENT</li>
+<li>VIOL_BRUTE_FORCE</li>
+<li>VIOL_COOKIE_EXPIRED</li>
+<li>VIOL_COOKIE_LENGTH</li>
+<li>VIOL_COOKIE_MALFORMED</li>
+<li>VIOL_COOKIE_MODIFIED</li>
+<li>VIOL_CSRF</li>
+<li>VIOL_DATA_GUARD</li>
+<li>VIOL_ENCODING</li>
+<li>VIOL_EVASION</li>
+<li>VIOL_FILETYPE</li>
+<li>VIOL_FILE_UPLOAD</li>
+<li>VIOL_FILE_UPLOAD_IN_BODY</li>
+<li>VIOL_GRAPHQL_MALFORMED</li>
+<li>VIOL_GRAPHQL_FORMAT</li>
+<li>VIOL_GRAPHQL_INTROSPECTION_QUERY</li>
+<li>VIOL_GRAPHQL_ERROR_RESPONSE</li>
+<li>VIOL_GRPC_FORMAT</li>
+<li>VIOL_GRPC_MALFORMED</li>
+<li>VIOL_GRPC_METHOD</li>
+<li>VIOL_HEADER_LENGTH</li>
+<li>VIOL_HEADER_METACHAR</li>
+<li>VIOL_HEADER_REPEATED</li>
+<li>VIOL_HTTP_PROTOCOL</li>
+<li>VIOL_HTTP_RESPONSE_STATUS</li>
+<li>VIOL_JSON_FORMAT</li>
+<li>VIOL_JSON_MALFORMED</li>
+<li>VIOL_JSON_SCHEMA</li>
+<li>VIOL_LOGIN</li>
+<li>VIOL_LOGIN_URL_BYPASSED</li>
+<li>VIOL_LOGIN_URL_EXPIRED</li>
+<li>VIOL_MANDATORY_HEADER</li>
+<li>VIOL_MANDATORY_PARAMETER</li>
+<li>VIOL_MANDATORY_REQUEST_BODY</li>
+<li>VIOL_METHOD</li>
+<li>VIOL_PARAMETER</li>
+<li>VIOL_PARAMETER_ARRAY_VALUE</li>
+<li>VIOL_PARAMETER_DATA_TYPE</li>
+<li>VIOL_PARAMETER_EMPTY_VALUE</li>
+<li>VIOL_PARAMETER_LOCATION</li>
+<li>VIOL_PARAMETER_MULTIPART_NULL_VALUE</li>
+<li>VIOL_PARAMETER_NAME_METACHAR</li>
+<li>VIOL_PARAMETER_NUMERIC_VALUE</li>
+<li>VIOL_PARAMETER_REPEATED</li>
+<li>VIOL_PARAMETER_STATIC_VALUE</li>
+<li>VIOL_PARAMETER_VALUE_BASE64</li>
+<li>VIOL_PARAMETER_VALUE_LENGTH</li>
+<li>VIOL_PARAMETER_VALUE_METACHAR</li>
+<li>VIOL_PARAMETER_VALUE_REGEXP</li>
+<li>VIOL_POST_DATA_LENGTH</li>
+<li>VIOL_QUERY_STRING_LENGTH</li>
+<li>VIOL_RATING_THREAT</li>
+<li>VIOL_RATING_NEED_EXAMINATION</li>
+<li>VIOL_REQUEST_MAX_LENGTH</li>
+<li>VIOL_REQUEST_LENGTH</li>
+<li>VIOL_THREAT_CAMPAIGN</li>
+<li>VIOL_URL</li>
+<li>VIOL_URL_CONTENT_TYPE</li>
+<li>VIOL_URL_LENGTH</li>
+<li>VIOL_URL_METACHAR</li>
+<li>VIOL_XML_FORMAT</li>
+<li>VIOL_XML_MALFORMED</li>
+<li>VIOL_GEOLOCATION</li>
+<li>VIOL_WEBSOCKET_BAD_REQUEST</li>
+<li>VIOL_MALICIOUS_IP</li>
+</ul></td>
+</tr>
+</tbody>
+</table>
+<h2 id="policy/bot-defense_mitigations">mitigations</h2>
+<table>
+<colgroup>
+<col style="width: 23%" />
+<col style="width: 5%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Reference</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><a href="#policy/bot-defense/mitigations_anomalies">anomalies</a></td>
+<td>Yes</td>
+<td>array of objects</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><a href="#policy/bot-defense/mitigations_browsers">browsers</a></td>
+<td>Yes</td>
+<td>array of objects</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><a href="#policy/bot-defense/mitigations_classes">classes</a></td>
+<td>Yes</td>
+<td>array of objects</td>
+<td>List of classes and their actions.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><a href="#policy/bot-defense/mitigations_signatures">signatures</a></td>
+<td>Yes</td>
+<td>array of objects</td>
+<td>List of signatures and their actions. If a signature is not in the list - its action will be taken according to the class it belongs to.</td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h3 id="policy/bot-defense_settings">settings</h3>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>caseSensitiveHttpHeaders</code></td>
+<td>boolean</td>
+<td>If <em>false</em> the system will not check header name with case sensitivity for both relevant anomalies: Invalid HTTP Headers, Suspicious HTTP Headers.</td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>isEnabled</code></td>
+<td>boolean</td>
+<td>If <em>true</em> the system detects bots.</td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h3 id="policy/bot-defense/mitigations_anomalies">anomalies</h3>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>action</code></td>
+<td>string</td>
+<td></td>
+<td><ul>
+<li>alarm</li>
+<li>block</li>
+<li>default</li>
+<li>detect</li>
+<li>ignore</li>
+</ul></td>
+</tr>
+<tr class="even">
+<td><code>name</code></td>
+<td>string</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>scoreThreshold</code></td>
+<td><ul>
+<li>integer minimum: 0 maximum: 150</li>
+<li>string</li>
+</ul></td>
+<td></td>
+<td><ul>
+<li>Integer values</li>
+<li>"default"</li>
+</ul></td>
+</tr>
+</tbody>
+</table>
+<h3 id="policy/bot-defense/mitigations_browsers">browsers</h3>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><code>action</code></td>
+<td>string</td>
+<td></td>
+<td><ul>
+<li>alarm</li>
+<li>block</li>
+<li>detect</li>
+</ul></td>
+</tr>
+<tr class="even">
+<td><code>maxVersion</code></td>
+<td>integer minimum: 0 maximum: 2147483647</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="odd">
+<td><code>minVersion</code></td>
+<td>integer minimum: 0 maximum: 2147483647</td>
+<td></td>
+<td></td>
+</tr>
+<tr class="even">
+<td><code>name</code></td>
+<td>string</td>
+<td></td>
+<td></td>
+</tr>
+</tbody>
+</table>
+<h3 id="policy/bot-defense/mitigations_classes">classes</h3>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><p><code>action</code></p></td>
+<td><p>string</p></td>
+<td><p>The action we set for this class.</p>
+<blockquote>
+<ul>
+<li><strong>ignore</strong>: The system will not detect or report bots from this class.</li>
+<li><strong>detect</strong>: The system will detect and report the bot, but violation won't be reported.</li>
+<li><strong>alarm</strong>: The system will detect and report requests made by bots from this class as illegal, but will not block them.</li>
+<li><strong>block</strong>: The system will detect and report requests made by bots from this class as illegal, and block them.</li>
+</ul>
+</blockquote></td>
+<td><ul>
+<li>alarm</li>
+<li>block</li>
+<li>detect</li>
+<li>ignore</li>
+</ul></td>
+</tr>
+<tr class="even">
+<td><code>name</code></td>
+<td>string</td>
+<td>The class we set the action to.</td>
+<td><ul>
+<li>browser</li>
+<li>malicious-bot</li>
+<li>suspicious-browser</li>
+<li>trusted-bot</li>
+<li>unknown</li>
+<li>untrusted-bot</li>
+</ul></td>
+</tr>
+</tbody>
+</table>
+<h3 id="policy/bot-defense/mitigations_signatures">signatures</h3>
+<table>
+<colgroup>
+<col style="width: 29%" />
+<col style="width: 5%" />
+<col style="width: 47%" />
+<col style="width: 17%" />
+</colgroup>
+<thead>
+<tr class="header">
+<th>Field Name</th>
+<th>Type</th>
+<th>Description</th>
+<th>Allowed Values</th>
+</tr>
+</thead>
+<tbody>
+<tr class="odd">
+<td><p><code>action</code></p></td>
+<td><p>string</p></td>
+<td><p>The action we set for this signature.</p>
+<blockquote>
+<ul>
+<li><strong>ignore</strong>: The system will not detect or report this signature.</li>
+<li><strong>detect</strong>: The system will detect and report the signature, but violation won't be reported.</li>
+<li><strong>alarm</strong>: The system will detect and report requests made by those specific bots as illegal, but will not block them.</li>
+<li><strong>block</strong>: The system will detect and report requests made by those specific bots as illegal, and will block them.</li>
+</ul>
+</blockquote></td>
+<td><ul>
+<li>alarm</li>
+<li>block</li>
+<li>detect</li>
+<li>ignore</li>
+</ul></td>
+</tr>
+<tr class="even">
+<td><code>name</code></td>
+<td>string</td>
+<td>The name of the signature we want to change action for.</td>
+<td></td>
+</tr>
+</tbody>
+</table>
diff --git a/content/includes/waf/supported-policy-features.md b/content/includes/waf/supported-policy-features.md
new file mode 100644
index 000000000..1e8a93dd0
--- /dev/null
+++ b/content/includes/waf/supported-policy-features.md
@@ -0,0 +1,4 @@
+| Feature           | Description |
+| ----------------- | ----------- |
+| [Attack signatures]({{< ref "/waf/policies/attack-signatures.md" >}}) | The default policy covers the OWASP top 10 attack patterns. Specific signature sets can be added or disabled. |
+| [IP intelligence]({{< ref "/waf/policies/ip-intelligence.md" >}}) | Configure the IP Intelligence feature to customize enforcement based on the source IP of the request, limiting access from IP addresses with questionable reputation. |
\ No newline at end of file
diff --git a/content/nap-dos/_index.md b/content/nap-dos/_index.md
index e7d8430f2..264ffc8af 100644
--- a/content/nap-dos/_index.md
+++ b/content/nap-dos/_index.md
@@ -1,6 +1,6 @@
 ---
 # The title is the product name
-title: F5 NGINX App Protect DoS
+title: F5 DoS for NGINX
 # The URL is the base of the deployed path, becoming "docs.nginx.com/<url>/<other-pages>"
 url: /nginx-app-protect-dos/
 # The cascade directive applies its nested parameters down the page tree until overwritten
@@ -21,7 +21,7 @@ nd-product: NAP-DOS
 ## About
 Achieve comprehensive protection against DoS and DDoS attacks for your apps and APIs with a multi-layered, adaptive, automated mitigation strategy for DevOps environments. 
 
-Running natively on NGINX Plus and NGINX Ingress Controller, NGINX App Protect DoS is platform-agnostic and supports deployment options ranging from edge load balancers to individual pods in Kubernetes clusters.
+Running natively on NGINX Plus and NGINX Ingress Controller, F5 DoS for NGINX is platform-agnostic and supports deployment options ranging from edge load balancers to individual pods in Kubernetes clusters.
 
 ## Featured content
 [//]: # "You can add a maximum of three cards: any extra will not display."
@@ -31,15 +31,15 @@ Running natively on NGINX Plus and NGINX Ingress Controller, NGINX App Protect D
 {{<card-layout>}}
   {{<card-section showAsCards="true" isFeaturedSection="true">}}
     {{<card title="Deployment" titleUrl="/nginx-app-protect-dos/deployment-guide/learn-about-deployment/">}}
-      Read how to install and upgrade NGINX App Protect DoS
+      Read how to install and upgrade F5 DoS for NGINX
     {{</card>}}
     <!-- The titleURL and icon are both optional -->
     <!-- Lucide icon names can be found at https://lucide.dev/icons/ -->
     {{<card title="Troubleshooting" titleUrl="/nginx-app-protect-dos/troubleshooting-guide/how-to-troubleshoot/">}}
-      Learn how to debug NGINX App Protect DoS
+      Learn how to debug F5 DoS for NGINX
     {{</card>}}
     {{<card title="Releases" titleUrl="/nginx-app-protect-dos/releases/" icon="clock-alert">}}
-      Review changelogs for NGINX App Protect DoS
+      Review changelogs for F5 DoS for NGINX
     {{</card>}}
   {{</card-section>}}
 {{</card-layout>}}
\ No newline at end of file
diff --git a/content/nap-dos/deployment-guide/_index.md b/content/nap-dos/deployment-guide/_index.md
index 14aebe96b..8a504d018 100644
--- a/content/nap-dos/deployment-guide/_index.md
+++ b/content/nap-dos/deployment-guide/_index.md
@@ -1,5 +1,5 @@
 ---
-description: Learn how to deploy NGINX App Protect DoS.
+description: Learn how to deploy F5 DoS for NGINX.
 title: Deployment Guide
 weight: 100
 url: /nginx-app-protect-dos/deployment-guide/
diff --git a/content/nap-dos/deployment-guide/installing-nginx-plus-with-dos-and-waf-on-amazon-web-services.md b/content/nap-dos/deployment-guide/installing-nginx-plus-with-dos-and-waf-on-amazon-web-services.md
index a3eae476c..859cb939d 100644
--- a/content/nap-dos/deployment-guide/installing-nginx-plus-with-dos-and-waf-on-amazon-web-services.md
+++ b/content/nap-dos/deployment-guide/installing-nginx-plus-with-dos-and-waf-on-amazon-web-services.md
@@ -17,28 +17,28 @@ The AMIs contain combination of the following components:
 
 - Latest version of [F5 NGINX Plus](https://www.f5.com/products/nginx/nginx-plus), optimized for use on Amazon EC2
 
-- Latest version of [NGINX App Protect DoS](https://docs.nginx.com/nginx-app-protect-dos/), optimized for use on Amazon EC2
+- Latest version of [F5 DoS for NGINX](https://docs.nginx.com/nginx-app-protect-dos/), optimized for use on Amazon EC2
 - Latest version of [NGINX App Protect WAF](https://docs.nginx.com/nginx-app-protect-waf/), optimized for use on Amazon EC2
 - Pre-packaged software for building highly available (HA) NGINX Plus configurations
 
 ## Install NGINX Plus NGINX App Protect WAF + DoS
 
-To quickly set up an environment with NGINX Plus, NGINX App Protect WAF and NGINX App Protect DoS on AWS:
+To quickly set up an environment with NGINX Plus, NGINX App Protect WAF and F5 DoS for NGINX on AWS:
 
 1. Follow the instructions in [Getting Started with Amazon EC2 Linux Instances](http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EC2_GetStarted.html) to sign up on AWS and get more information about EC2 itself.
 2. Proceed to the product page for the appropriate AMI at the AWS Marketplace, and launch the AMI.
 
-    - [NGINX Plus with NGINX App Protect DoS – RHEL 7 Linux AMI HVM](https://aws.amazon.com/marketplace/pp/prodview-bjdboufufnb7g?sr=0-4&ref_=beagle&applicationId=AWSMPContessa)
+    - [NGINX Plus with F5 DoS for NGINX – RHEL 7 Linux AMI HVM](https://aws.amazon.com/marketplace/pp/prodview-bjdboufufnb7g?sr=0-4&ref_=beagle&applicationId=AWSMPContessa)
 
-    - [NGINX Plus with NGINX App Protect DoS – RHEL8 Linux AMI HVM](https://aws.amazon.com/marketplace/pp/prodview-e6bifer7o6uzm?sr=0-13&ref_=beagle&applicationId=AWSMPContessa)
+    - [NGINX Plus with F5 DoS for NGINX – RHEL8 Linux AMI HVM](https://aws.amazon.com/marketplace/pp/prodview-e6bifer7o6uzm?sr=0-13&ref_=beagle&applicationId=AWSMPContessa)
 
-    - [NGINX Plus with NGINX App Protect DoS – CentOS 7 Linux AMI HVM](https://aws.amazon.com/marketplace/pp/prodview-deeny2oe7izti?sr=0-12&ref_=beagle&applicationId=AWSMPContessa)
+    - [NGINX Plus with F5 DoS for NGINX – CentOS 7 Linux AMI HVM](https://aws.amazon.com/marketplace/pp/prodview-deeny2oe7izti?sr=0-12&ref_=beagle&applicationId=AWSMPContessa)
 
-    - [NGINX Plus with NGINX App Protect DoS – Debian 11 Linux AMI HVM](https://aws.amazon.com/marketplace/pp/prodview-56oveh2rsxsbq?sr=0-2&ref_=beagle&applicationId=AWSMPContessa)
+    - [NGINX Plus with F5 DoS for NGINX – Debian 11 Linux AMI HVM](https://aws.amazon.com/marketplace/pp/prodview-56oveh2rsxsbq?sr=0-2&ref_=beagle&applicationId=AWSMPContessa)
 
-    - [NGINX Plus with NGINX App Protect DoS – Ubuntu 20.04 Linux AMI HVM](https://aws.amazon.com/marketplace/pp/prodview-gsoln2vnsgpr4?sr=0-5&ref_=beagle&applicationId=AWSMPContessa)
+    - [NGINX Plus with F5 DoS for NGINX – Ubuntu 20.04 Linux AMI HVM](https://aws.amazon.com/marketplace/pp/prodview-gsoln2vnsgpr4?sr=0-5&ref_=beagle&applicationId=AWSMPContessa)
 
-    - [NGINX Plus with NGINX App Protect DoS – Ubuntu 22.04 Linux AMI HVM](https://aws.amazon.com/marketplace/pp/prodview-l6f2q2ykrjufy?sr=0-13&ref_=beagle&applicationId=AWSMPContessa)
+    - [NGINX Plus with F5 DoS for NGINX – Ubuntu 22.04 Linux AMI HVM](https://aws.amazon.com/marketplace/pp/prodview-l6f2q2ykrjufy?sr=0-13&ref_=beagle&applicationId=AWSMPContessa)
 
     - [NGINX Plus with NGINX App Protect WAF + DoS – RHEL 7 Linux AMI HVM](https://aws.amazon.com/marketplace/pp/prodview-jedbygo6xbvto?sr=0-1&ref_=beagle&applicationId=AWSMPContessa)
 
@@ -62,7 +62,7 @@ To quickly set up an environment with NGINX Plus, NGINX App Protect WAF and NGIN
 
   See [NGINX Plus on the AWS Cloud](https://www.nginx.com/resources/datasheets/nginx-quick-start-guide-for-aws/) deployment guide for details.
 
-6. Verify latest NGINX PLUS / NGINX App Protect DoS / NGINX App Protect WAF packages are installed on EC2 after its first start:
+6. Verify latest NGINX PLUS / F5 DoS for NGINX / NGINX App Protect WAF packages are installed on EC2 after its first start:
 
 
      Verify NGINX App Protect WAF latest release from <https://docs.nginx.com/nginx-app-protect-waf/releases/> is
@@ -88,7 +88,7 @@ To quickly set up an environment with NGINX Plus, NGINX App Protect WAF and NGIN
       nginx -v
       ```
 
-    In case NGINX PLUS / NGINX App Protect DoS / NGINX App Protect WAF packages are not latest release then upgrade the following  with these commands:
+    In case NGINX PLUS / F5 DoS for NGINX / NGINX App Protect WAF packages are not latest release then upgrade the following  with these commands:
 
 
     For App Protect DoS solution based on RedHat / CentOS
@@ -151,17 +151,17 @@ To quickly set up an environment with NGINX Plus, NGINX App Protect WAF and NGIN
 
 
 
-8. If AMI includes [NGINX App Protect DoS](https://docs.nginx.com/nginx-app-protect-dos/)
+8. If AMI includes [F5 DoS for NGINX](https://docs.nginx.com/nginx-app-protect-dos/)
 
-    To enable NGINX App Protect DoS use the following steps:
+    To enable F5 DoS for NGINX use the following steps:
 
-    a. Load the NGINX App Protect DoS module on the main context in the `nginx.conf` file:
+    a. Load the F5 DoS for NGINX module on the main context in the `nginx.conf` file:
 
     ```shell
     load_module modules/ngx_http_app_protect_dos_module.so;
     ```
 
-    b. Enable NGINX App Protect DoS on an `http/server/location` context in the `nginx.conf` file:
+    b. Enable F5 DoS for NGINX on an `http/server/location` context in the `nginx.conf` file:
 
     ```shell
     app_protect_dos_enable on;
@@ -182,7 +182,7 @@ To quickly set up an environment with NGINX Plus, NGINX App Protect WAF and NGIN
     sudo systemctl restart nginx
     ```
 
-  For more configuration information follow [NGINX App Protect DoS Directives and Policy](https://docs.nginx.com/nginx-app-protect-dos/directives-and-policy/learn-about-directives-and-policy/).
+  For more configuration information follow [F5 DoS for NGINX Directives and Policy](https://docs.nginx.com/nginx-app-protect-dos/directives-and-policy/learn-about-directives-and-policy/).
 
 
 
@@ -190,7 +190,7 @@ To quickly set up an environment with NGINX Plus, NGINX App Protect WAF and NGIN
 
 If you encounter any problems with NGINX Plus configuration, documentation is available at [nginx.org](https://nginx.org/en/docs/) and in the [NGINX Plus Admin Guide](https://docs.nginx.com/nginx/admin-guide/installing-nginx/).
 
-If you encounter any problems with NGINX App Protect DoS configuration, documentation is available at the [NGINX App Protect DoS Troubleshooting Guide](https://docs.nginx.com/nginx-app-protect-dos/troubleshooting-guide/how-to-troubleshoot/).
+If you encounter any problems with F5 DoS for NGINX configuration, documentation is available at the [F5 DoS for NGINX Troubleshooting Guide](https://docs.nginx.com/nginx-app-protect-dos/troubleshooting-guide/how-to-troubleshoot/).
 
 If you encounter any problems with NGINX App Protect WAF configuration, documentation is available at the [NGINX App Protect WAF Troubleshooting Guide](https://docs.nginx.com/nginx-app-protect-waf/v4/troubleshooting-guide/troubleshooting/).
 
diff --git a/content/nap-dos/deployment-guide/learn-about-deployment.md b/content/nap-dos/deployment-guide/learn-about-deployment.md
index b4eeb180b..ed0c2e054 100644
--- a/content/nap-dos/deployment-guide/learn-about-deployment.md
+++ b/content/nap-dos/deployment-guide/learn-about-deployment.md
@@ -1,7 +1,7 @@
 ---
-description: Learn about F5 NGINX App Protect DoS Deployment.
+description: Learn about F5 F5 DoS for NGINX Deployment.
 nd-docs: DOCS-666
-title: NGINX App Protect DoS Deployment
+title: F5 DoS for NGINX Deployment
 toc: true
 weight: 100
 type:
@@ -10,16 +10,16 @@ type:
 
 ## Overview
 
-F5 NGINX App Protect DoS provides behavioral protection against DoS for your web applications. <br><br>
-This guide explains how to deploy NGINX App Protect DoS as well as upgrade App Protect DoS.
+F5 F5 DoS for NGINX provides behavioral protection against DoS for your web applications. <br><br>
+This guide explains how to deploy F5 DoS for NGINX as well as upgrade App Protect DoS.
 
 ## Prerequisites
 
-NGINX App Protect DoS is available to the customers as a downloadable dynamic module at an additional cost. To purchase or add NGINX App Protect DoS to an existing NGINX Plus subscription, contact the NGINX sales team.
+F5 DoS for NGINX is available to the customers as a downloadable dynamic module at an additional cost. To purchase or add F5 DoS for NGINX to an existing NGINX Plus subscription, contact the NGINX sales team.
 
-NGINX Plus Release 24 and later supports NGINX App Protect DoS.
+NGINX Plus Release 24 and later supports F5 DoS for NGINX.
 
-NGINX App Protect DoS supports the following operating systems:
+F5 DoS for NGINX supports the following operating systems:
 
 - [RHEL 8.1+ / Rocky Linux 8](#rhel-8--rocky-linux-8-installation)
 - [RHEL 9.0+ / Rocky Linux 9](#rhel-9--rocky-linux-9-installation)
@@ -33,7 +33,7 @@ NGINX App Protect DoS supports the following operating systems:
 - [AmazonLinux 2023](#amazon-linux-2023-installation)
 
 
-The NGINX App Protect DoS package has the following dependencies:
+The F5 DoS for NGINX package has the following dependencies:
 
 1. **nginx-plus-module-appprotectdos** - NGINX Plus dynamic module for App Protect DoS
 2. **libcurl** - Software library for HTTP access
@@ -42,7 +42,7 @@ The NGINX App Protect DoS package has the following dependencies:
 5. **openssl** - Toolkit for the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocol
 6. **libelf** - Software library for ELF access
 
-See the NGINX Plus full list of prerequisites for more details. NGINX App Protect DoS can be installed as a module to an existing NGINX Plus installation or as a complete NGINX Plus with App Protect DoS installation in a clean environment or to a system with NGINX App Protect WAF.
+See the NGINX Plus full list of prerequisites for more details. F5 DoS for NGINX can be installed as a module to an existing NGINX Plus installation or as a complete NGINX Plus with App Protect DoS installation in a clean environment or to a system with NGINX App Protect WAF.
 
 {{< call-out "note" >}}
 
@@ -55,7 +55,7 @@ See the NGINX Plus full list of prerequisites for more details. NGINX App Protec
 
 When deploying App Protect DoS on NGINX Plus take the following precautions to secure the platform. This avoids the risk of causing a Denial of Service condition or compromising the platform security.
 
-- Restrict permissions to the files on the NGINX App Protect DoS platform to user **nginx** and group **nginx**, especially for the sensitive areas containing the configuration.
+- Restrict permissions to the files on the F5 DoS for NGINX platform to user **nginx** and group **nginx**, especially for the sensitive areas containing the configuration.
 - Remove unnecessary remote access services on the platform.
 - Configure a Syslog destination on the same machine as App Protect DoS and proxy to an external destination. This avoids eavesdropping and [man-in-the-middle](https://en.wikipedia.org/wiki/Man-in-the-middle_attack) attacks on the Syslog channel.
 
@@ -91,7 +91,7 @@ When deploying App Protect DoS on NGINX Plus take the following precautions to s
     sudo yum install ca-certificates epel-release wget
     ```
 
-6. Add NGINX Plus and NGINX App Protect DoS repository:
+6. Add NGINX Plus and F5 DoS for NGINX repository:
 
     ```shell
     sudo wget -P /etc/yum.repos.d https://cs.nginx.com/static/files/nginx-plus-7.4.repo
@@ -132,19 +132,19 @@ When deploying App Protect DoS on NGINX Plus take the following precautions to s
     sudo nginx -v
     ```
 
-10. Check the NGINX App Protect DoS binary version to ensure that you have the right version installed correctly:
+10. Check the F5 DoS for NGINX binary version to ensure that you have the right version installed correctly:
 
     ```shell
     sudo admd -v
     ```
 
-11. Load the NGINX App Protect DoS module on the main context in the `nginx.conf`:
+11. Load the F5 DoS for NGINX module on the main context in the `nginx.conf`:
 
     ```nginx
     load_module modules/ngx_http_app_protect_dos_module.so;
     ```
 
-12. Enable NGINX App Protect DoS on an `http/server/location` context in the `nginx.conf` file:
+12. Enable F5 DoS for NGINX on an `http/server/location` context in the `nginx.conf` file:
 
     ```nginx
     app_protect_dos_enable on;
@@ -152,7 +152,7 @@ When deploying App Protect DoS on NGINX Plus take the following precautions to s
     app_protect_dos_monitor uri=serv:80/; # Assuming server_name "serv" on port 80, with the root path "/"
     ```
 
-13. Configure the SELinux to allow NGINX App Protect DoS:
+13. Configure the SELinux to allow F5 DoS for NGINX:
 
     a. Using the vi editor, create a file:
 
@@ -271,7 +271,7 @@ When deploying App Protect DoS on NGINX Plus take the following precautions to s
     gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-7
     ```
 
-7. Add NGINX Plus and NGINX App Protect DoS repository:
+7. Add NGINX Plus and F5 DoS for NGINX repository:
 
     ```shell
     sudo wget -P /etc/yum.repos.d https://cs.nginx.com/static/files/nginx-plus-7.4.repo
@@ -318,13 +318,13 @@ When deploying App Protect DoS on NGINX Plus take the following precautions to s
     sudo admd -v
     ```
 
-12. Load the NGINX App Protect DoS module on the main context in the `nginx.conf`:
+12. Load the F5 DoS for NGINX module on the main context in the `nginx.conf`:
 
     ```nginx
     load_module modules/ngx_http_app_protect_dos_module.so;
     ```
 
-13. Enable NGINX App Protect DoS on an `http/server/location` context in the `nginx.conf` file:
+13. Enable F5 DoS for NGINX on an `http/server/location` context in the `nginx.conf` file:
 
     ```nginx
     app_protect_dos_enable on;
@@ -332,7 +332,7 @@ When deploying App Protect DoS on NGINX Plus take the following precautions to s
     app_protect_dos_monitor uri=serv:80/; # Assuming server_name "serv" on port 80, with the root path "/"
     ```
 
-14. Configure the SELinux to allow NGINX App Protect DoS:
+14. Configure the SELinux to allow F5 DoS for NGINX:
 
     a. Using the vi editor, create a file:
 
@@ -411,7 +411,7 @@ When deploying App Protect DoS on NGINX Plus take the following precautions to s
     ```shell
     sudo dnf install ca-certificates wget
 
-6. Enable Yum repositories to pull NGINX App Protect DoS dependencies:
+6. Enable Yum repositories to pull F5 DoS for NGINX dependencies:
 
     If you have a RHEL subscription:
 
@@ -421,7 +421,7 @@ When deploying App Protect DoS on NGINX Plus take the following precautions to s
     sudo dnf -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
     ```
 
-7. Add NGINX Plus and NGINX App Protect DoS repository:
+7. Add NGINX Plus and F5 DoS for NGINX repository:
 
     ```shell
     sudo wget -P /etc/yum.repos.d https://cs.nginx.com/static/files/nginx-plus-8.repo
@@ -475,13 +475,13 @@ When deploying App Protect DoS on NGINX Plus take the following precautions to s
     sudo admd -v
     ```
 
-12. Load the NGINX App Protect DoS module on the main context in the `nginx.conf` file:
+12. Load the F5 DoS for NGINX module on the main context in the `nginx.conf` file:
 
     ```nginx
     load_module modules/ngx_http_app_protect_dos_module.so;
     ```
 
-13. Enable NGINX App Protect DoS in an `http/server/location` context in the `nginx.conf` file:
+13. Enable F5 DoS for NGINX in an `http/server/location` context in the `nginx.conf` file:
 
     ```nginx
     app_protect_dos_enable on;
@@ -619,7 +619,7 @@ When deploying App Protect DoS on NGINX Plus take the following precautions to s
     sudo dnf install ca-certificates wget
     ```
 
-6. Enable the yum repositories to pull NGINX App Protect DoS dependencies:
+6. Enable the yum repositories to pull F5 DoS for NGINX dependencies:
 
     If you have a RHEL subscription:
 
@@ -629,7 +629,7 @@ When deploying App Protect DoS on NGINX Plus take the following precautions to s
     sudo dnf -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm
     ```
 
-7. Add the NGINX Plus and NGINX App Protect DoS repositories:
+7. Add the NGINX Plus and F5 DoS for NGINX repositories:
 
     ```shell
     sudo wget -P /etc/yum.repos.d https://cs.nginx.com/static/files/plus-9.repo
@@ -687,13 +687,13 @@ When deploying App Protect DoS on NGINX Plus take the following precautions to s
     sudo admd -v
     ```
 
-12. Load the NGINX App Protect DoS module on the main context in the `nginx.conf`:
+12. Load the F5 DoS for NGINX module on the main context in the `nginx.conf`:
 
     ```nginx
     load_module modules/ngx_http_app_protect_dos_module.so;
     ```
 
-13. Enable NGINX App Protect DoS on an `http/server/location` context in the `nginx.conf` file:
+13. Enable F5 DoS for NGINX on an `http/server/location` context in the `nginx.conf` file:
 
     ```nginx
     app_protect_dos_enable on;
@@ -851,7 +851,7 @@ When deploying App Protect DoS on NGINX Plus take the following precautions to s
     sudo wget -qO - https://cs.nginx.com/static/keys/nginx_signing.key | sudo gpg --dearmor | sudo tee /usr/share/keyrings/nginx-archive-keyring.gpg >/dev/null
     ```
 
-7. Add NGINX Plus and NGINX App Protect DoS repository:
+7. Add NGINX Plus and F5 DoS for NGINX repository:
 
     For Debian:
 
@@ -963,13 +963,13 @@ When deploying App Protect DoS on NGINX Plus take the following precautions to s
     sudo admd -v
     ```
 
-13. Load the NGINX App Protect DoS module on the main context in the `nginx.conf` file:
+13. Load the F5 DoS for NGINX module on the main context in the `nginx.conf` file:
 
     ```nginx
     load_module modules/ngx_http_app_protect_dos_module.so;
     ```
 
-14. Enable NGINX App Protect DoS on an `http/server/location` context in the `nginx.conf` via:
+14. Enable F5 DoS for NGINX on an `http/server/location` context in the `nginx.conf` via:
 
     ```nginx
     app_protect_dos_enable on;
@@ -1030,7 +1030,7 @@ When deploying App Protect DoS on NGINX Plus take the following precautions to s
     printf "https://pkgs.nginx.com/plus/alpine/v`egrep -o '^[0-9]+\.[0-9]+' /etc/alpine-release`/main\n" | sudo tee -a /etc/apk/repositories
     ```
 
-7. Add NGINX App Protect DoS repository to `/etc/apk/repositories` file:
+7. Add F5 DoS for NGINX repository to `/etc/apk/repositories` file:
 
     ```shell
     printf "https://pkgs.nginx.com/app-protect-dos/alpine/v`egrep -o '^[0-9]+\.[0-9]+' /etc/alpine-release`/main\n" | sudo tee -a /etc/apk/repositories
@@ -1043,7 +1043,7 @@ When deploying App Protect DoS on NGINX Plus take the following precautions to s
     sudo apk del -r nginx
     ```
 
-9. Update the repository and install the most recent version of the NGINX Plus and NGINX App Protect DoS:
+9. Update the repository and install the most recent version of the NGINX Plus and F5 DoS for NGINX:
 
     ```shell
     sudo apk update
@@ -1096,13 +1096,13 @@ When deploying App Protect DoS on NGINX Plus take the following precautions to s
     sudo admd -v
     ```
 
-13. Load the NGINX App Protect DoS module on the main context in the `nginx.conf` file:
+13. Load the F5 DoS for NGINX module on the main context in the `nginx.conf` file:
 
     ```nginx
     load_module modules/ngx_http_app_protect_dos_module.so;
     ```
 
-14. Enable NGINX App Protect DoS on an `http/server/location` context in the `nginx.conf` via:
+14. Enable F5 DoS for NGINX on an `http/server/location` context in the `nginx.conf` via:
 
     ```nginx
     app_protect_dos_enable on;
@@ -1151,7 +1151,7 @@ When deploying App Protect DoS on NGINX Plus take the following precautions to s
     ```shell
     sudo dnf install ca-certificates wget
 
-6. Add NGINX Plus and NGINX App Protect DoS repository:
+6. Add NGINX Plus and F5 DoS for NGINX repository:
 
     ```shell
     sudo wget -P /etc/yum.repos.d https://cs.nginx.com/static/files/plus-amazonlinux2023.repo
@@ -1209,13 +1209,13 @@ When deploying App Protect DoS on NGINX Plus take the following precautions to s
     sudo admd -v
     ```
 
-11. Load the NGINX App Protect DoS module on the main context in the `nginx.conf` file:
+11. Load the F5 DoS for NGINX module on the main context in the `nginx.conf` file:
 
     ```nginx
     load_module modules/ngx_http_app_protect_dos_module.so;
     ```
 
-12. Enable NGINX App Protect DoS in an `http/server/location` context in the `nginx.conf` file:
+12. Enable F5 DoS for NGINX in an `http/server/location` context in the `nginx.conf` file:
 
     ```nginx
     app_protect_dos_enable on;
@@ -1272,7 +1272,7 @@ You need root permissions to execute the following steps.
 
 3. Copy the files to the directory where the Dockerfile is located.
 
-4. Add NGINX App Protect DoS to your `nginx.conf`. The configuration below is an example for an `http` and `grpc+tls` servers which has NGINX App Protect DoS enabled. Note that every NGINX App Protect DoS related directive starts with `app_protect_dos_`.
+4. Add F5 DoS for NGINX to your `nginx.conf`. The configuration below is an example for an `http` and `grpc+tls` servers which has F5 DoS for NGINX enabled. Note that every F5 DoS for NGINX related directive starts with `app_protect_dos_`.
 
     `nginx.conf`
 
@@ -1283,7 +1283,7 @@ You need root permissions to execute the following steps.
     worker_rlimit_nofile 65535;
     working_directory /tmp/cores;
 
-    load_module modules/ngx_http_app_protect_dos_module.so; # NGINX App Protect DoS module
+    load_module modules/ngx_http_app_protect_dos_module.so; # F5 DoS for NGINX module
 
     events {
         worker_connections  65535;
@@ -1296,7 +1296,7 @@ You need root permissions to execute the following steps.
                             'outcome=$app_protect_dos_outcome, reason=$app_protect_dos_outcome_reason, '
                             'ip_tls=$remote_addr:$app_protect_dos_tls_fp, ';
 
-        app_protect_dos_security_log_enable on; # Enable NGINX App Protect DoS's security logger
+        app_protect_dos_security_log_enable on; # Enable F5 DoS for NGINX's security logger
         app_protect_dos_security_log "/etc/app_protect_dos/log-default.json" /var/log/adm/logger.log; # Security logger outputs to a file
         # app_protect_dos_security_log "/etc/app_protect_dos/log-default.json" syslog:server=1.2.3.4:5261; # Security logger outputs to a syslog destination
 
@@ -1310,10 +1310,10 @@ You need root permissions to execute the following steps.
             access_log /var/log/nginx/access.log log_napd if=$loggable; # Access log with rate limiting and additional information
             # access_log syslog:server=1.1.1.1:5561 log_napd if=$loggable;
 
-            app_protect_dos_policy_file "/etc/app_protect_dos/BADOSDefaultPolicy.json"; # Policy configuration for NGINX App Protect DoS
+            app_protect_dos_policy_file "/etc/app_protect_dos/BADOSDefaultPolicy.json"; # Policy configuration for F5 DoS for NGINX
 
             location / {
-                app_protect_dos_enable on; # Enable NGINX App Protect DoS in this block
+                app_protect_dos_enable on; # Enable F5 DoS for NGINX in this block
                 app_protect_dos_name "App80"; # PO name
                 app_protect_dos_monitor uri=http://serv80/; # Health monitoring
                 proxy_pass http://1.2.3.4:80;
@@ -1381,7 +1381,7 @@ You need root permissions to execute the following steps.
     DOCKER_BUILDKIT=1 docker build --no-cache --platform linux/amd64 --secret id=nginx-crt,src=nginx-repo.crt --secret id=nginx-key,src=nginx-repo.key --secret id=license-jwt,src=./license.jwt -t app-protect-dos .
     ```
 
-    The `--no-cache` option tells Docker to build the image from scratch and ensures the installation of the latest version of NGINX Plus and NGINX App Protect DoS. If the Dockerfile was previously used to build an image without the `--no-cache` option, the new image uses versions from the previously built image from the Docker cache.
+    The `--no-cache` option tells Docker to build the image from scratch and ensures the installation of the latest version of NGINX Plus and F5 DoS for NGINX. If the Dockerfile was previously used to build an image without the `--no-cache` option, the new image uses versions from the previously built image from the Docker cache.
 
    For RHEL8/9 with subctiption manager setup add build arguments:
    
@@ -1468,11 +1468,11 @@ FROM alpine:3.19
 # Download and add the NGINX signing keys:
 RUN wget -O /etc/apk/keys/nginx_signing.rsa.pub https://cs.nginx.com/static/keys/nginx_signing.rsa.pub
 
-# Add NGINX Plus/NGINX App Protect Dos repository:
+# Add NGINX Plus/F5 DoS for NGINX repository:
 RUN printf "https://pkgs.nginx.com/plus/alpine/v`egrep -o '^[0-9]+\.[0-9]+' /etc/alpine-release`/main\n" | tee -a /etc/apk/repositories && \
     printf "https://pkgs.nginx.com/app-protect-dos/alpine/v`egrep -o '^[0-9]+\.[0-9]+' /etc/alpine-release`/main\n" | tee -a /etc/apk/repositories
 
-# Update the repository and install the most recent version of the NGINX App Protect Dos package (which includes NGINX Plus):
+# Update the repository and install the most recent version of the F5 DoS for NGINX package (which includes NGINX Plus):
 RUN --mount=type=secret,id=nginx-crt,dst=/etc/apk/cert.pem,mode=0644 \
     --mount=type=secret,id=nginx-key,dst=/etc/apk/cert.key,mode=0644 \
     --mount=type=secret,id=license-jwt,dst=license.jwt,mode=0644 \
@@ -1508,11 +1508,11 @@ FROM amazonlinux:2023
 # Install prerequisite packages:
 RUN dnf -y install ca-certificates
 
-# Add NGINX Plus/NGINX App Protect Dos repository:
+# Add NGINX Plus/F5 DoS for NGINX repository:
 RUN curl -o /etc/yum.repos.d/plus-amazonlinux2023.repo https://cs.nginx.com/static/files/plus-amazonlinux2023.repo && \
     curl -o  /etc/yum.repos.d/app-protect-dos-amazonlinux2023.repo https://cs.nginx.com/static/files/app-protect-dos-amazonlinux2023.repo
 
-# Install NGINX App Protect DoS:
+# Install F5 DoS for NGINX:
 RUN --mount=type=secret,id=nginx-crt,dst=/etc/ssl/nginx/nginx-repo.crt,mode=0644 \
     --mount=type=secret,id=nginx-key,dst=/etc/ssl/nginx/nginx-repo.key,mode=0644 \
     --mount=type=secret,id=license-jwt,dst=license.jwt,mode=0644 \
@@ -1554,7 +1554,7 @@ RUN mkdir -p /etc/ssl/nginx/ /etc/nginx/ && \
     printf "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] https://pkgs.nginx.com/app-protect-dos/debian $(lsb_release -cs) nginx-plus\n" > /etc/apt/sources.list.d/nginx-app-protect-dos.list && \
     wget -P /etc/apt/apt.conf.d https://cs.nginx.com/static/files/90pkgs-nginx
 
-# Install Nginx App Protect Dos
+# Install F5 DoS for NGINX
 RUN --mount=type=secret,id=nginx-crt,dst=/etc/ssl/nginx/nginx-repo.crt,mode=0644 \
     --mount=type=secret,id=nginx-key,dst=/etc/ssl/nginx/nginx-repo.key,mode=0644 \
     --mount=type=secret,id=license-jwt,dst=license.jwt,mode=0644 \
@@ -1592,7 +1592,7 @@ RUN apt-get update && \
     printf "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] https://pkgs.nginx.com/app-protect-dos/ubuntu $(lsb_release -cs) nginx-plus\n" > /etc/apt/sources.list.d/nginx-app-protect-dos.list && \
     wget -P /etc/apt/apt.conf.d https://cs.nginx.com/static/files/90pkgs-nginx
 
-# Install Nginx App Protect Dos
+# Install F5 DoS for NGINX
 RUN --mount=type=secret,id=nginx-crt,dst=/etc/ssl/nginx/nginx-repo.crt,mode=0644 \
     --mount=type=secret,id=nginx-key,dst=/etc/ssl/nginx/nginx-repo.key,mode=0644 \
     --mount=type=secret,id=license-jwt,dst=license.jwt,mode=0644 \
@@ -1636,7 +1636,7 @@ RUN subscription-manager register --org=${RHEL_ORG} --activationkey=${RHEL_ACTIV
     curl -o /etc/yum.repos.d/plus-8.repo https://cs.nginx.com/static/files/plus-8.repo && \
     curl -o /etc/yum.repos.d/app-protect-dos-8.repo https://cs.nginx.com/static/files/app-protect-dos-8.repo
 
-# Install Nginx App Protect Dos
+# Install F5 DoS for NGINX
 RUN --mount=type=secret,id=nginx-crt,dst=/etc/ssl/nginx/nginx-repo.crt,mode=0644 \
     --mount=type=secret,id=nginx-key,dst=/etc/ssl/nginx/nginx-repo.key,mode=0644 \
     --mount=type=secret,id=license-jwt,dst=license.jwt,mode=0644 \
@@ -1679,7 +1679,7 @@ RUN curl -o /etc/yum.repos.d/plus-9.repo https://cs.nginx.com/static/files/plus-
     dnf config-manager --set-enabled crb && \
     dnf clean all
 
-# Install NGINX App Protect DoS:
+# Install F5 DoS for NGINX:
 RUN --mount=type=secret,id=nginx-crt,dst=/etc/ssl/nginx/nginx-repo.crt,mode=0644 \
     --mount=type=secret,id=nginx-key,dst=/etc/ssl/nginx/nginx-repo.key,mode=0644 \
     --mount=type=secret,id=license-jwt,dst=license.jwt,mode=0644 \
@@ -1916,7 +1916,7 @@ RUN printf "https://pkgs.nginx.com/app-protect-dos/alpine/v`egrep -o '^[0-9]+\.[
     printf "https://pkgs.nginx.com/app-protect/alpine/v`egrep -o '^[0-9]+\.[0-9]+' /etc/alpine-release`/main\n" | tee -a /etc/apk/repositories && \
     printf "https://pkgs.nginx.com/app-protect-security-updates/alpine/v`egrep -o '^[0-9]+\.[0-9]+' /etc/alpine-release`/main\n" | tee -a /etc/apk/repositories
 
-# Update the repository and install the most recent version of the NGINX App Protect DoS package (which includes NGINX Plus):
+# Update the repository and install the most recent version of the F5 DoS for NGINX package (which includes NGINX Plus):
 RUN --mount=type=secret,id=nginx-crt,dst=/etc/apk/cert.pem,mode=0644 \
     --mount=type=secret,id=nginx-key,dst=/etc/apk/cert.key,mode=0644 \
     --mount=type=secret,id=license-jwt,dst=license.jwt,mode=0644 \
@@ -1997,7 +1997,7 @@ RUN apt-get update && \
     apt-get install -y --no-install-recommends apt-transport-https lsb-release ca-certificates wget gnupg2 debian-archive-keyring && \
     wget -qO - https://cs.nginx.com/static/keys/nginx_signing.key | gpg --dearmor | tee /usr/share/keyrings/nginx-archive-keyring.gpg >/dev/null
 
-# Add NGINX Plus, NGINX App Protect and NGINX App Protect DoS repository:
+# Add NGINX Plus, NGINX App Protect and F5 DoS for NGINX repository:
 RUN printf "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] https://pkgs.nginx.com/plus/debian `lsb_release -cs` nginx-plus\n" | tee /etc/apt/sources.list.d/nginx-plus.list \
     && printf "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] https://pkgs.nginx.com/app-protect-dos/debian `lsb_release -cs` nginx-plus\n" | tee /etc/apt/sources.list.d/nginx-app-protect-dos.list \
     && printf "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] https://pkgs.nginx.com/app-protect/debian `lsb_release -cs` nginx-plus\n" | tee /etc/apt/sources.list.d/nginx-app-protect.list
@@ -2005,7 +2005,7 @@ RUN printf "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] https:
 # Download the apt configuration to `/etc/apt/apt.conf.d`:
 RUN wget -P /etc/apt/apt.conf.d https://cs.nginx.com/static/files/90pkgs-nginx
 
-# Install Nginx App Protect Dos
+# Install F5 DoS for NGINX
 RUN --mount=type=secret,id=nginx-crt,dst=/etc/ssl/nginx/nginx-repo.crt,mode=0644 \
     --mount=type=secret,id=nginx-key,dst=/etc/ssl/nginx/nginx-repo.key,mode=0644 \
     --mount=type=secret,id=license-jwt,dst=license.jwt,mode=0644 \
@@ -2040,7 +2040,7 @@ RUN apt-get update && \
     apt-get install -y --no-install-recommends apt-transport-https lsb-release ca-certificates wget gnupg2 ubuntu-keyring && \
     wget -qO - https://cs.nginx.com/static/keys/nginx_signing.key | gpg --dearmor | tee /usr/share/keyrings/nginx-archive-keyring.gpg >/dev/null
 
-# Add NGINX Plus, NGINX App Protect and NGINX App Protect DoS repository:
+# Add NGINX Plus, NGINX App Protect and F5 DoS for NGINX repository:
 RUN printf "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] https://pkgs.nginx.com/plus/ubuntu `lsb_release -cs` nginx-plus\n" | tee /etc/apt/sources.list.d/nginx-plus.list \
     && printf "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] https://pkgs.nginx.com/app-protect-dos/ubuntu `lsb_release -cs` nginx-plus\n" | tee /etc/apt/sources.list.d/nginx-app-protect-dos.list \
     && printf "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] https://pkgs.nginx.com/app-protect/ubuntu `lsb_release -cs` nginx-plus\n" | tee /etc/apt/sources.list.d/nginx-app-protect.list
@@ -2048,7 +2048,7 @@ RUN printf "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] https:
 # Download the apt configuration to `/etc/apt/apt.conf.d`:
 RUN wget -P /etc/apt/apt.conf.d https://cs.nginx.com/static/files/90pkgs-nginx
 
-# Install Nginx App Protect Dos
+# Install F5 DoS for NGINX
 RUN --mount=type=secret,id=nginx-crt,dst=/etc/ssl/nginx/nginx-repo.crt,mode=0644 \
     --mount=type=secret,id=nginx-key,dst=/etc/ssl/nginx/nginx-repo.key,mode=0644 \
     --mount=type=secret,id=license-jwt,dst=license.jwt,mode=0644 \
@@ -2072,33 +2072,33 @@ STOPSIGNAL SIGQUIT
 CMD ["sh", "/root/entrypoint.sh"]
 ```
 
-## NGINX App Protect DoS Arbitrator
+## F5 DoS for NGINX Arbitrator
 
 ### Overview
 
-NGINX App Protect DoS arbitrator orchestrates all the running NGINX App Protect DoS instances to synchronize local/global attack start/stop.
+F5 DoS for NGINX arbitrator orchestrates all the running F5 DoS for NGINX instances to synchronize local/global attack start/stop.
 
-NGINX App Protect DoS arbitrator serves as a central coordinating component for managing multiple instances of  App Protect DoS in a network. It is needed when there are more than one NGINX App Protect DoS instances. Its primary function is to ensure that all instances are aware of and share the same state for each protected object. Here's a clearer breakdown of how it works and why it's necessary:
+F5 DoS for NGINX arbitrator serves as a central coordinating component for managing multiple instances of  App Protect DoS in a network. It is needed when there are more than one F5 DoS for NGINX instances. Its primary function is to ensure that all instances are aware of and share the same state for each protected object. Here's a clearer breakdown of how it works and why it's necessary:
 
-How NGINX App Protect DoS Arbitrator Works:
+How F5 DoS for NGINX Arbitrator Works:
 
 - **Collecting State Periodically**: The arbitrator regularly collects the state information from all running instances of App Protect DoS. This collection occurs at set intervals, typically every 10 seconds.
 - **State Initialization for New Instances**: When a new App Protect DoS instance is created, it doesn't start with a blank or uninitialized state for a protected object. Instead, it retrieves the initial state for the protected object from the arbitrator.
 - **Updating State in Case of an Attack**: If an attack is detected by one of the App Protect DoS instances, that instance sends an attack notification to the arbitrator. The arbitrator then updates the state of the affected protected object to indicate that it is under attack. Importantly, this updated state is propagated to all other instances.
 
-### Why NGINX App Protect DoS Arbitrator is Necessary
+### Why F5 DoS for NGINX Arbitrator is Necessary
 
-NGINX App Protect DoS Arbitrator is essential for several reasons:
+F5 DoS for NGINX Arbitrator is essential for several reasons:
 
 - **Global State Management**: Without the arbitrator, each individual instance of App Protect DoS would manage its own isolated state for each protected object. This isolation could lead to inconsistencies. For example, if instance A declared an attack on a protected object named "PO-Example," instance B would remain unaware of this attack, potentially leaving the object vulnerable.
 - **Uniform Attack Detection**: With the arbitrator in place, when instance A detects an attack on "PO-Example" and reports it to the arbitrator, the state of "PO-Example" is immediately updated to indicate an attack. This means that all instances, including instance B, are aware of the attack and can take appropriate measures to mitigate it.
 
-In summary, NGINX App Protect DoS Arbitrator acts as a central coordinator to maintain a consistent and up-to-date global state for protected objects across multiple instances of App Protect DoS. This coordination helps ensure that attacks are properly detected and mitigated, and that knowledge gained by one instance is efficiently shared with others, enhancing the overall security of the network.
+In summary, F5 DoS for NGINX Arbitrator acts as a central coordinator to maintain a consistent and up-to-date global state for protected objects across multiple instances of App Protect DoS. This coordination helps ensure that attacks are properly detected and mitigated, and that knowledge gained by one instance is efficiently shared with others, enhancing the overall security of the network.
 
 
-### NGINX App Protect DoS Arbitrator Deployment
+### F5 DoS for NGINX Arbitrator Deployment
 
-1. Pull the official NGINX App Protect DoS Arbitrator image with the command:
+1. Pull the official F5 DoS for NGINX Arbitrator image with the command:
 
    ```shell
    docker pull docker-registry.nginx.com/nap-dos/app_protect_dos_arb:latest
@@ -2112,22 +2112,22 @@ In summary, NGINX App Protect DoS Arbitrator acts as a central coordinator to ma
 
 3. Verify that the `app-protect-dos-arb` container is up and running with the `docker ps` command.
 
-4. DNS records are required for NGINX App Protect DoS Arbitrator to work properly and be accessible by NGINX App Protect DoS servers. Ensure that the `svc-appprotect-dos-arb` or configured Arbitrator FQDN (with `app_protect_dos_arb_fqdn` directive) has a valid DNS resolution.
-This step is necessary only for VM/Docker deployments with arbitrator. When the arbitrator is in the same Kubernetes namespace as NGINX App Protect DoS, this step is not needed.
+4. DNS records are required for F5 DoS for NGINX Arbitrator to work properly and be accessible by F5 DoS for NGINX servers. Ensure that the `svc-appprotect-dos-arb` or configured Arbitrator FQDN (with `app_protect_dos_arb_fqdn` directive) has a valid DNS resolution.
+This step is necessary only for VM/Docker deployments with arbitrator. When the arbitrator is in the same Kubernetes namespace as F5 DoS for NGINX, this step is not needed.
 
 ### Multi-VM Deployment
 
-The Arbitrator service is standalone. Once it is down, it can be seamlessly re-started. It will immediately recover all the needed information from NGINX App Protect DoS instances that communicate to it every 10 sec. It’s downtime is around 10-20 seconds which  will not affect the NGINX App Protect DoS working.
+The Arbitrator service is standalone. Once it is down, it can be seamlessly re-started. It will immediately recover all the needed information from F5 DoS for NGINX instances that communicate to it every 10 sec. It’s downtime is around 10-20 seconds which  will not affect the F5 DoS for NGINX working.
 
-NGINX App Protect DoS Arbitrator service connects to port 3000 and can be seen under App Protect DoS instances. All modules try to connect to this service automatically. If it’s not accessible, each instance works in standalone mode.
+F5 DoS for NGINX Arbitrator service connects to port 3000 and can be seen under App Protect DoS instances. All modules try to connect to this service automatically. If it’s not accessible, each instance works in standalone mode.
 
-There is no such option for authentications between NGINX App Protect DoS servers and Arbitrator service like MTLS or password . Currently Arbitrator service is not exposed outside of the namespace. It is customers responsibility to isolate it from outside. It is applicable to any deployment of Arbitrator, not only to multi-VM.
+There is no such option for authentications between F5 DoS for NGINX servers and Arbitrator service like MTLS or password . Currently Arbitrator service is not exposed outside of the namespace. It is customers responsibility to isolate it from outside. It is applicable to any deployment of Arbitrator, not only to multi-VM.
 
 ## Post-Installation Checks
 
-You can run the following commands to ensure that NGINX App Protect DoS enforcement is operational.
+You can run the following commands to ensure that F5 DoS for NGINX enforcement is operational.
 
-1. Check that the three processes needed for NGINX App Protect DoS are running using `ps aux`:
+1. Check that the three processes needed for F5 DoS for NGINX are running using `ps aux`:
 
     - admd
     - nginx: master process
@@ -2183,7 +2183,7 @@ You can run the following commands to ensure that NGINX App Protect DoS enforcem
 
     c. See that the good traffic continue as usual while the attackers receive denial of service.
 
-To check NGINX App Protect WAF along side NGINX App Protect DoS, just perform the normal tests as specified at [Admin Guide](https://docs.nginx.com/nginx-app-protect/admin-guide/)
+To check NGINX App Protect WAF along side F5 DoS for NGINX, just perform the normal tests as specified at [Admin Guide](https://docs.nginx.com/nginx-app-protect/admin-guide/)
 
 ### Compatibility with NGINX Plus Releases
 
@@ -2191,7 +2191,7 @@ A threat campaign package is compatible with the NGINX Plus release supported du
 
 ## Upgrading App Protect DoS
 
-You can upgrade to the latest NGINX Plus and App Protect DoS versions by downloading and installing the latest NGINX App Protect DoS package. When upgrading from this package, App Protect DoS will be uninstalled and reinstalled. The old default security policy is deleted and the new default security policy is installed. If you have created a custom security policy, the policy persists and you will need to update `nginx.conf` and point to the custom security policy by referencing the json file (using the full path).
+You can upgrade to the latest NGINX Plus and App Protect DoS versions by downloading and installing the latest F5 DoS for NGINX package. When upgrading from this package, App Protect DoS will be uninstalled and reinstalled. The old default security policy is deleted and the new default security policy is installed. If you have created a custom security policy, the policy persists and you will need to update `nginx.conf` and point to the custom security policy by referencing the json file (using the full path).
 
 If you upgrade your NGINX version outside of the App Protect DoS module, App Protect DoS will be uninstalled and you will need to reinstall it. You need to restart NGINX after an upgrade.
 
@@ -2455,7 +2455,7 @@ http {
 
 #### App Protect DoS arb
 
-Arbitrator (arb) is an internal service that is essential for the scaling scenarios. The arbitrator service should be deployed in the same namespace as NGINX App Protect DoS.
+Arbitrator (arb) is an internal service that is essential for the scaling scenarios. The arbitrator service should be deployed in the same namespace as F5 DoS for NGINX.
 
 `appprotect-dos-arb.yaml`:
 
@@ -2519,7 +2519,7 @@ kubectl -n appprotect-dos-wp-diff apply -f ${DIR}/appprotect-dos-arb.yaml
 kubectl -n appprotect-dos-wp-diff apply -f ${DIR}/svc-appprotect-dos-arb.yaml
 ```
 
-`install NGINX App Protect DoS with ARB service`:
+`install F5 DoS for NGINX with ARB service`:
 
 ```shell
 #!/bin/bash
diff --git a/content/nap-dos/directives-and-policy/_index.md b/content/nap-dos/directives-and-policy/_index.md
index 0d66fcde8..2994cd207 100644
--- a/content/nap-dos/directives-and-policy/_index.md
+++ b/content/nap-dos/directives-and-policy/_index.md
@@ -1,6 +1,6 @@
 ---
 description: Learn about the Directives and Policy attributes necessary to configure
-  F5 NGINX App Protect DoS.
+  F5 F5 DoS for NGINX.
 title: Directives and Policy
 weight: 120
 url: /nginx-app-protect-dos/directives-and-policy/
diff --git a/content/nap-dos/directives-and-policy/learn-about-directives-and-policy.md b/content/nap-dos/directives-and-policy/learn-about-directives-and-policy.md
index 3f2635b52..c74105412 100644
--- a/content/nap-dos/directives-and-policy/learn-about-directives-and-policy.md
+++ b/content/nap-dos/directives-and-policy/learn-about-directives-and-policy.md
@@ -1,5 +1,5 @@
 ---
-title: NGINX App Protect DoS Directives and Policy
+title: F5 DoS for NGINX Directives and Policy
 toc: true
 weight: 120
 nd-docs: DOCS-667
@@ -8,14 +8,14 @@ nd-docs: DOCS-667
 ## Introduction
 
 NGINX directives are specified in the `nginx.conf` file and are used to configure various modules of NGINX.<br>
-F5 NGINX App Protect DoS has its own set of directives, which follow the same rules as other NGINX directives, and are used to enable and configure its features.<br>
+F5 F5 DoS for NGINX has its own set of directives, which follow the same rules as other NGINX directives, and are used to enable and configure its features.<br>
 
-The table below provides a summary of all the F5 NGINX App Protect DoS directives.<br>
+The table below provides a summary of all the F5 F5 DoS for NGINX directives.<br>
 
-While only the first directive is mandatory for enabling NGINX App Protect DoS, it is recommended to use as many directives as possible to leverage the product’s full range of monitoring and application health detection capabilities. After adding these directives, ensure you reload NGINX and check the error log for any errors or warnings.<br>
+While only the first directive is mandatory for enabling F5 DoS for NGINX, it is recommended to use as many directives as possible to leverage the product’s full range of monitoring and application health detection capabilities. After adding these directives, ensure you reload NGINX and check the error log for any errors or warnings.<br>
 
 ## Directives table
-Below is a summary of all NGINX App Protect DoS directives. Detailed descriptions of each directive can be found in the following sections.
+Below is a summary of all F5 DoS for NGINX directives. Detailed descriptions of each directive can be found in the following sections.
 
  {{<bootstrap-table "table table-bordered table-striped table-responsive table-sm">}}
 
@@ -130,7 +130,7 @@ Directive is optional. If not written, then each protected object (VS) will have
 seq: 0 for server block, increments for each location block. i.e. VS created from server block will have 0 and VS's from location blocks will be 1,2,3,... (i.e. `1`)
 - `location name:` the name of the location (i.e. `/abc`)
 
-NGINX App Protect DoS supports up to 300 Protected Objects for versions up to 4.3, and 1,000 Protected Objects in version 4.4 and above.<br>
+F5 DoS for NGINX supports up to 300 Protected Objects for versions up to 4.3, and 1,000 Protected Objects in version 4.4 and above.<br>
 <br>
 **Example:**
 
@@ -158,21 +158,21 @@ Monitor directive has four arguments - **uri**, **protocol**, **timeout** and **
 
 - **Protocol** -  determines the protocol type of the service. Options are `http1 / http2 / grpc / websocket`.<br>Default: `http1`.<br>
 
-  {{< call-out "note" >}}HTTP2 and gRPC are supported from NGINX App Protect DoS v2, while WebSocket is supported from NGINX App Protect DoS v4. {{< /call-out >}}
+  {{< call-out "note" >}}HTTP2 and gRPC are supported from F5 DoS for NGINX v2, while WebSocket is supported from F5 DoS for NGINX v4. {{< /call-out >}}
 
-- **Timeout** - determines how long (in seconds) should NGINX App Protect DoS wait for a response. <br>Default: 10 seconds for `http1/http2/websocket` and 5 seconds for `grpc`.<br>
+- **Timeout** - determines how long (in seconds) should F5 DoS for NGINX wait for a response. <br>Default: 10 seconds for `http1/http2/websocket` and 5 seconds for `grpc`.<br>
 
 - **Proxy Protocol** -  Should be used when the listen directive of the corresponding server block contains the proxy_protocol parameter.
  It adds an HAProxy PROXY protocol header to the monitor request.
   <br>Format is **proxy_protocol | proxy_protocol=on**.<br>
   Default: off.<br>
 
-  {{< call-out "note" >}}The proxy_protocol is supported from NGINX App Protect DoS v3.1. {{< /call-out >}}
+  {{< call-out "note" >}}The proxy_protocol is supported from F5 DoS for NGINX v3.1. {{< /call-out >}}
 
 
-#### For Older Versions (NGINX App Protect DoS v1)
+#### For Older Versions (F5 DoS for NGINX v1)
 
-In NGINX App Protect DoS v1, the app_protect_dos_monitor directive has only one argument: uri.
+In F5 DoS for NGINX v1, the app_protect_dos_monitor directive has only one argument: uri.
 Only HTTP1 is supported.
 
 <br><br>
@@ -190,7 +190,7 @@ location / {
 }
 ```
 
-{{< call-out "note" >}}For NGINX App Protect DoS v1, use: app_protect_dos_monitor <http://serv:80/>; {{< /call-out >}}
+{{< call-out "note" >}}For F5 DoS for NGINX v1, use: app_protect_dos_monitor <http://serv:80/>; {{< /call-out >}}
 
 2. HTTP/2 Over SSL
 
@@ -277,7 +277,7 @@ Second argument is the destination (the location which the events will be sent t
 - `stderr` (**default**)
 - `{absolute_file_path}`, i.e. `/shared/dos_sec_logger.log`
 
-Implemented according to: [NGINX App Protect DoS Security Log]({{< ref "/nap-dos/monitoring/security-log.md" >}})
+Implemented according to: [F5 DoS for NGINX Security Log]({{< ref "/nap-dos/monitoring/security-log.md" >}})
 
    {{< call-out "note" >}}
 
@@ -336,7 +336,7 @@ Second and Third arguments are optional; if one or more is not written, the defa
 
 If liveness is enabled, a request with URI and PORT that matches the probe configuration (i.e. `/app_protect_dos_liveness:8090`) will be answered with RC 200 "Alive" by our NGINX module, without being counted or pass to other handlers nor the backend server.
 
-Any other response will indicate that our NGINX module (NGINX App Protect DoS) has not received the request (possibly means that NGINX is down).
+Any other response will indicate that our NGINX module (F5 DoS for NGINX) has not received the request (possibly means that NGINX is down).
 
 **Example:**
 
@@ -363,7 +363,7 @@ Second and Third arguments are optional; if one or more is not written, the defa
 
 If readiness is enabled, a request with URI and PORT that matches the probe configuration (i.e. `/app_protect_dos_readiness:8090`) will be answered with RC 200 "Ready" or RC 503 "Not Ready" by our NGINX module, without being counted or pass to other handlers nor the backend server.
 
-Any other response will indicate that our NGINX module (NGINX App Protect DoS) has not received the request (possibly means that NGINX is down).
+Any other response will indicate that our NGINX module (F5 DoS for NGINX) has not received the request (possibly means that NGINX is down).
 
 RC 200 "Ready" will occur if two conditions are met:
 
@@ -402,7 +402,7 @@ This directive is used to enable the App Protect DoS monitoring capability via R
 The REST API interface provides extended metrics information of the Protected Objects.
 It can be used by sending REST API requests manually or by using the App Protect DoS dashboard page.
 
-For more information refer to [NGINX App Protect DoS Live Activity Monitoring]({{< ref "/nap-dos/monitoring/live-activity-monitoring.md" >}})
+For more information refer to [F5 DoS for NGINX Live Activity Monitoring]({{< ref "/nap-dos/monitoring/live-activity-monitoring.md" >}})
 
 **Example:**
 
@@ -432,13 +432,13 @@ syn_drop is an optional parameter; the default value is "off".<br>
 syn_drop=on mode is applicable for plane HTTP services or HTTPS when the `tls_fingerprint` feature is disabled. Refer to policy parameter "tls_fingerprint" in [Policy directive](#policy-directive-app_protect_dos_policy_file).
 In syn_drop mode, the SYN packet of detected bad actors will be dropped.
 
-syn_drop mode is recommended for the deployments of NGINX App Protect DoS at the perimeter network or behind L3 load balancer.
-Using this mode when NGINX App Protect DoS is deployed behind L4/L7 load balancer may result in the load balancer’s starvation during an attack.
+syn_drop mode is recommended for the deployments of F5 DoS for NGINX at the perimeter network or behind L3 load balancer.
+Using this mode when F5 DoS for NGINX is deployed behind L4/L7 load balancer may result in the load balancer’s starvation during an attack.
 
 {{< call-out "note" >}}
 To use this directive you need to install the eBPF package.
 
-For more information about eBPF, you can read the [Accelerating DDoS Mitigation with eBPF in F5 NGINX App Protect DoS](https://www.f5.com/company/blog/nginx/accelerating-ddos-mitigation-with-ebpf-in-f5-nginx-app-protect-dos) article.
+For more information about eBPF, you can read the [Accelerating DDoS Mitigation with eBPF in F5 F5 DoS for NGINX](https://www.f5.com/company/blog/nginx/accelerating-ddos-mitigation-with-ebpf-in-f5-nginx-app-protect-dos) article.
 
 {{< /call-out >}}
 
diff --git a/content/nap-dos/monitoring/_index.md b/content/nap-dos/monitoring/_index.md
index 8485a67c4..fcfcc015b 100644
--- a/content/nap-dos/monitoring/_index.md
+++ b/content/nap-dos/monitoring/_index.md
@@ -1,6 +1,6 @@
 ---
 description: Documentation explaining how to monitor, generate logs for, and debug
-  F5 NGINX App Protect DoS.
+  F5 F5 DoS for NGINX.
 title: Monitoring
 weight: 130
 url: /nginx-app-protect-dos/monitoring/
diff --git a/content/nap-dos/monitoring/access-log.md b/content/nap-dos/monitoring/access-log.md
index 0efcb3fb0..f9cac357b 100644
--- a/content/nap-dos/monitoring/access-log.md
+++ b/content/nap-dos/monitoring/access-log.md
@@ -1,7 +1,7 @@
 ---
-description: Learn about the F5 NGINX App Protect DoS Request Log Mechanism.
+description: Learn about the F5 F5 DoS for NGINX Request Log Mechanism.
 nd-docs: DOCS-668
-title: NGINX App Protect DoS Access Log Request Mechanism
+title: F5 DoS for NGINX Access Log Request Mechanism
 toc: true
 weight: 160
 type:
diff --git a/content/nap-dos/monitoring/live-activity-monitoring.md b/content/nap-dos/monitoring/live-activity-monitoring.md
index e28fb571b..59d4e5ed6 100644
--- a/content/nap-dos/monitoring/live-activity-monitoring.md
+++ b/content/nap-dos/monitoring/live-activity-monitoring.md
@@ -1,25 +1,25 @@
 ---
-description: Learn about the F5 NGINX App Protect DoS Live Activity Monitoring.
+description: Learn about the F5 F5 DoS for NGINX Live Activity Monitoring.
 nd-docs: DOCS-1389
-title: NGINX App Protect DoS Live Activity Monitoring
+title: F5 DoS for NGINX Live Activity Monitoring
 toc: true
 weight: 140
 type:
 - how-to
 ---
 
-{{< img src="/dashboard/dos-tab.png" alt="NGINX App Protect DoS Dashboard" >}}
+{{< img src="/dashboard/dos-tab.png" alt="F5 DoS for NGINX Dashboard" >}}
 
 ## Overview
 
-F5 NGINX App Protect DoS offers a variety of application monitoring tools:
+F5 F5 DoS for NGINX offers a variety of application monitoring tools:
 
 - **App Protect DoS Dashboard Page**: This dynamic interface provides real-time monitoring and details of Protected Objects.
-- **NGINX App Protect DoS REST API**: This interface offers comprehensive metrics about the Protected Objects.
+- **F5 DoS for NGINX REST API**: This interface offers comprehensive metrics about the Protected Objects.
 
 ## Prerequisites
 
-- NGINX Plus R26 or later is required for accessing the NGINX App Protect DoS REST API and the DoS Dashboard.
+- NGINX Plus R26 or later is required for accessing the F5 DoS for NGINX REST API and the DoS Dashboard.
 
 ## API Configuration Steps
 
@@ -133,7 +133,7 @@ In multi-instance environments with an arbitrator, these statistics will be comb
 | Mitigations/s  | - | Number of mitigated requests per second  |
 | Requests  | - | Total number of incoming requests  |
 | Mitigations  | - | Total number of mitigated requests  |
-| Learning  | [ready\|ba only\|not ready] | Whether NGINX App Protect DoS collected enough data to protect the Protected Object  |
+| Learning  | [ready\|ba only\|not ready] | Whether F5 DoS for NGINX collected enough data to protect the Protected Object  |
 | Protocol  | [http1\|http2\|grpc] | As defined by the `protocol` argument of the `app_protect_dos_monitor` directive  |
 | Mitigation Mode  | [standard\|conservative\|none]  | As defined by the `mitigation_mode` object in the JSON policy file from the `app_protect_dos_policy_file` directive  |
 | Signatures  | [on\|off] | As defined by the `signatures` object in the JSON policy file from the `app_protect_dos_policy_file` directive. Values - on/off  |
diff --git a/content/nap-dos/monitoring/operation-log.md b/content/nap-dos/monitoring/operation-log.md
index 2a12d5eaf..3aa07a669 100644
--- a/content/nap-dos/monitoring/operation-log.md
+++ b/content/nap-dos/monitoring/operation-log.md
@@ -1,7 +1,7 @@
 ---
-description: Learn about the F5 NGINX App Protect DoS Operation Log.
+description: Learn about the F5 F5 DoS for NGINX Operation Log.
 nd-docs: DOCS-669
-title: NGINX App Protect DoS Operation Log
+title: F5 DoS for NGINX Operation Log
 toc: true
 weight: 180
 type:
@@ -18,7 +18,7 @@ The operation logs consists of system operational and health events. The events
 
 |Event Type|Level|Meaning|
 |--------- |-----|------ |
-|Configuration Error |error |There were errors in the [directives]({{< ref "/nap-dos/directives-and-policy/learn-about-directives-and-policy.md" >}}) in the `nginx.conf` file. <br> Configuration error event is produced when one of F5 NGINX App Protect DoS directives is supplied with an incorrect data. An additional information will be added to the message, describing what was incorrect. NGINX will run with default values for this directive. <br> Please note that if the directive supplied with an incorrect number of arguments then NGINX will issue an error and NGINX will not run. It is a generic NGINX behavior.|
+|Configuration Error |error |There were errors in the [directives]({{< ref "/nap-dos/directives-and-policy/learn-about-directives-and-policy.md" >}}) in the `nginx.conf` file. <br> Configuration error event is produced when one of F5 F5 DoS for NGINX directives is supplied with an incorrect data. An additional information will be added to the message, describing what was incorrect. NGINX will run with default values for this directive. <br> Please note that if the directive supplied with an incorrect number of arguments then NGINX will issue an error and NGINX will not run. It is a generic NGINX behavior.|
 
 {{</bootstrap-table>}}
 
@@ -50,7 +50,7 @@ The operation logs consists of system operational and health events. The events
 
 |Event Type|Level|Meaning|
 |--------- |-----|------ |
-|Configuration Load Success | notice |The `APP_PROTECT_DOS` configuration process ended successfully: all policies, log configuration and global settings were loaded to NGINX App Protect DoS and all traffic will be handled by this configuration. The `error_message` contains warnings. This event is also generated on the initial configuration (when NGINX Plus starts).|
+|Configuration Load Success | notice |The `APP_PROTECT_DOS` configuration process ended successfully: all policies, log configuration and global settings were loaded to F5 DoS for NGINX and all traffic will be handled by this configuration. The `error_message` contains warnings. This event is also generated on the initial configuration (when NGINX Plus starts).|
 
 {{</bootstrap-table>}}
 
diff --git a/content/nap-dos/monitoring/security-log.md b/content/nap-dos/monitoring/security-log.md
index 642cde34e..16194c0bf 100644
--- a/content/nap-dos/monitoring/security-log.md
+++ b/content/nap-dos/monitoring/security-log.md
@@ -1,7 +1,7 @@
 ---
-description: Learn about the F5 NGINX App Protect DoS Security Log.
+description: Learn about the F5 F5 DoS for NGINX Security Log.
 nd-docs: DOCS-670
-title: NGINX App Protect DoS Security Log
+title: F5 DoS for NGINX Security Log
 toc: true
 weight: 140
 type:
@@ -24,7 +24,7 @@ The following table lists all the possible fields in the logs and their meaning.
 |----------------|--------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
 | `date_time`  |  string  | the date and time of the event                                                                                                                                                                                                                                                                                                                                                                                 |
 | `product`   |  string  | always set to `app-protect-dos`                                                                                                                                                                                                                                                                                                                                                                                |
-| `product_version` | string  | F5 NGINX App Protect DoS version                                                                                                                                                                                                                                                                                                                                                                                  |
+| `product_version` | string  | F5 F5 DoS for NGINX version                                                                                                                                                                                                                                                                                                                                                                                  |
 | `unit_hostname` |  string  | host name of the app-protect-dos instance                                                                                                                                                                                                                                                                                                                                                                      |
 | `instance_id` |  string  | instance ID: container id from `/proc/self/cgroup`or hostname if container is is not available                                                                                                                                                                                                                                                                                                                 |
 | `vs_name` | string  | A unique identifier (representing the protected object's name) of the location in the `nginx.conf` file that this request is associated with. It contains the line number of the containing server block in `nginx.conf`, the server name, a numeric discriminator that distinguishes between multiple entries within the same server, and the location name. <br>For example: `34-mydomain.com:0-~/.*php(2)`. |
@@ -336,7 +336,7 @@ mitigated_connections_rps="0",
 ```
 
 ### 2. Bad actor detection/expiration
-Reports NGINX App Protect DoS decisions regarding bad actors.
+Reports F5 DoS for NGINX decisions regarding bad actors.
 
 a. Example: **Bad Actor Detection**
 
@@ -369,7 +369,7 @@ impact_rps="12",
 ```
 
 ### 3. Attack signatures
-Reports NGINX App Protect DoS decisions regarding signatures.<br>
+Reports F5 DoS for NGINX decisions regarding signatures.<br>
 
 Example: **Attack Signature Detected**
 
diff --git a/content/nap-dos/monitoring/types-of-logs.md b/content/nap-dos/monitoring/types-of-logs.md
index 865adafd7..a127408c7 100644
--- a/content/nap-dos/monitoring/types-of-logs.md
+++ b/content/nap-dos/monitoring/types-of-logs.md
@@ -1,7 +1,7 @@
 ---
-description: Learn about the F5 NGINX App Protect DoS Logs Overview.
+description: Learn about the F5 F5 DoS for NGINX Logs Overview.
 nd-docs: DOCS-671
-title: NGINX App Protect DoS Logs Overview
+title: F5 DoS for NGINX Logs Overview
 toc: true
 weight: 130
 type:
@@ -13,7 +13,7 @@ There are 4 types of logs corresponding to App Protect DoS:
 - [Security Log](#security-log): The general picture of the site and how App Protect DoS processed it, including anomalies and signatures found.
 - [Operation Log](#operation-log): Events such as configuration errors or warnings.
 - [Debug Logs](#debug-log): Technical messages at different levels of severity used to debug and resolve incidents and error behaviors.
-- [Request Logging](#request-log): F5 NGINX App Protect DoS adds information to each request logged to NGINX's access logging mechanism.
+- [Request Logging](#request-log): F5 F5 DoS for NGINX adds information to each request logged to NGINX's access logging mechanism.
 
 {{< call-out "note" >}}
 NGINX does not have audit logs in the sense of *"**who** did **what**"*. This can be done either from the orchestration system controlling NGINX (such as NGINX Controller) or by tracking the configuration files and the systemd invocations using Linux tools.
@@ -25,13 +25,13 @@ NGINX does not have audit logs in the sense of *"**who** did **what**"*. This ca
 |----|-----------------|-----------------------|-----------------|--------------------|
 | Debug | Log file name is the redirection in the invocation of the `admd` command line in the start script | Global (not part of `nginx.conf`)|Yes. Log file is in /var/log/adm/admd.log directory. There is currently no file rotation capability available for this log.|  No |
 |  Operation  |  `error_log` directive, part of core NGINX | `nginx.conf` - global | Yes, NGINX error log | Yes, NGINX error log   |
-|Request |NGINX has two directives for the access log: <br> - **access_log** - to turn [on\|off] <br> - **log_format** - to specify the required information regarding each request <br><br> NGINX App Protect DoS has several variables that can be added to the log_format directive, such as $app_protect_dos_outcome. <br><br> For more information refer to [NGINX App Protect DoS Access Log]({{< ref "/nap-dos/monitoring/access-log.md" >}}) | `nginx.conf` - global| Yes, NGINX access log | Yes, NGINX access log |
-| Security  | NGINX App Protect DoS has two directives in `nginx.conf`: <br> - app_protect_dos_security_log_enable to turn logging [on\|off] <br> - app_protect_dos_security_log to set it's logging configuration and destination <br><br> For more information refer: <br> - **Configuration**: [App Protect DoS - Directives and Policy]({{< ref "/nap-dos/directives-and-policy/learn-about-directives-and-policy.md">}}) <br> - **Usage**: [NGINX App Protect DoS - Security Log]({{< ref "/nap-dos/monitoring/security-log.md" >}}) | `nginx.conf`: http, server, location  | Yes, either stderr, or an absolute path to a local file are supported | Yes |
+|Request |NGINX has two directives for the access log: <br> - **access_log** - to turn [on\|off] <br> - **log_format** - to specify the required information regarding each request <br><br> F5 DoS for NGINX has several variables that can be added to the log_format directive, such as $app_protect_dos_outcome. <br><br> For more information refer to [F5 DoS for NGINX Access Log]({{< ref "/nap-dos/monitoring/access-log.md" >}}) | `nginx.conf` - global| Yes, NGINX access log | Yes, NGINX access log |
+| Security  | F5 DoS for NGINX has two directives in `nginx.conf`: <br> - app_protect_dos_security_log_enable to turn logging [on\|off] <br> - app_protect_dos_security_log to set it's logging configuration and destination <br><br> For more information refer: <br> - **Configuration**: [App Protect DoS - Directives and Policy]({{< ref "/nap-dos/directives-and-policy/learn-about-directives-and-policy.md">}}) <br> - **Usage**: [F5 DoS for NGINX - Security Log]({{< ref "/nap-dos/monitoring/security-log.md" >}}) | `nginx.conf`: http, server, location  | Yes, either stderr, or an absolute path to a local file are supported | Yes |
 
  {{</bootstrap-table>}}
 
 ## Security Log
- The security logs contain information about the status of the protected objects. It gives a general picture about each protected object in terms of traffic intensity, health of the backend server, learning and mitigations. For more information refer to [NGINX App Protect DoS Security Log]({{< ref "/nap-dos/monitoring/security-log.md" >}}) documentation.
+ The security logs contain information about the status of the protected objects. It gives a general picture about each protected object in terms of traffic intensity, health of the backend server, learning and mitigations. For more information refer to [F5 DoS for NGINX Security Log]({{< ref "/nap-dos/monitoring/security-log.md" >}}) documentation.
 
 ## Operation Log
  The operation logs consists of system operational and health events. The events are sent to the NGINX error log and are distinguished by the `APP_PROTECT_DOS` prefix followed by JSON body. The log level depends on the event: success is usually indicated by `notice`, while failure is indicated by `error`. The timestamp is inherent in the error log. For more information refer to [App Protect DoS Operation Log]({{< ref "/nap-dos/monitoring/operation-log.md" >}}) documentation.
@@ -43,13 +43,13 @@ NGINX does not have audit logs in the sense of *"**who** did **what**"*. This ca
  This directive determines the format of the log messages using predefined variables. App Protect DoS will enrich this set of variables with several security log attributes that are available to be included in the `log_format`. If `log_format` is not specified then the built-in format `combined` is used but, because that format does not include the extended App Protect DoS variables, this directive must be used when the user wants to add App Protect DoS information to the log.
 
 ### access_log
-This directive determines the destination of the `access_log` and the name of the format. The default is the file `/var/log/nginx/access.log` using the combined format. In order to use the custom format that includes the NGINX App Protect DoS variables, use this directive with the name of the desired format.
+This directive determines the destination of the `access_log` and the name of the format. The default is the file `/var/log/nginx/access.log` using the combined format. In order to use the custom format that includes the F5 DoS for NGINX variables, use this directive with the name of the desired format.
 
 ### App Protect DoS Variables
-These are the variables added to Access Log. They are a subset of the Security log attributes. The Security log names are prefixed with `$app_protect_dos`. <br> For more information refer to [NGINX App Protect DoS Access Log]({{< ref "/nap-dos/monitoring/access-log.md" >}})
+These are the variables added to Access Log. They are a subset of the Security log attributes. The Security log names are prefixed with `$app_protect_dos`. <br> For more information refer to [F5 DoS for NGINX Access Log]({{< ref "/nap-dos/monitoring/access-log.md" >}})
 
-## Debug Log - NGINX App Protect DoS
-The NGINX App Protect DoS Debug log is used to troubleshoot the functionality of the product. <br>
+## Debug Log - F5 DoS for NGINX
+The F5 DoS for NGINX Debug log is used to troubleshoot the functionality of the product. <br>
 
 The path of the log is at a fixed location: `/var/log/adm/admd.log`.
 
@@ -62,12 +62,12 @@ admd -l DEBUG_LEVEL
 ```
 
 {{< call-out "note" >}}
-`nginx.conf` does not refer to the NGINX App Protect DoS debug log configuration neither directly nor indirectly.
+`nginx.conf` does not refer to the F5 DoS for NGINX debug log configuration neither directly nor indirectly.
 {{< /call-out >}}
 
 ## NGINX Error log
 
-The NGINX Error log is used to troubleshoot the configuration portion of NGINX App Protect DoS.
+The NGINX Error log is used to troubleshoot the configuration portion of F5 DoS for NGINX.
 
 The file is called `error.log` and its path and debug level is determined in `nginx.conf` by the directive `error_log`. <br>
 
diff --git a/content/nap-dos/releases/_index.md b/content/nap-dos/releases/_index.md
index 7ac8e5f15..b152af861 100644
--- a/content/nap-dos/releases/_index.md
+++ b/content/nap-dos/releases/_index.md
@@ -1,5 +1,5 @@
 ---
-description: Stay up-to-date with the latest F5 NGINX App Protect DoS release.
+description: Stay up-to-date with the latest F5 F5 DoS for NGINX release.
 title: Releases
 weight: 220
 url: /nginx-app-protect-dos/releases/
diff --git a/content/nap-dos/releases/about-1.0.md b/content/nap-dos/releases/about-1.0.md
index b3741d126..3b1fca049 100644
--- a/content/nap-dos/releases/about-1.0.md
+++ b/content/nap-dos/releases/about-1.0.md
@@ -5,7 +5,7 @@ weight: 260
 nd-docs: DOCS-672
 ---
 
-Here you can find the release information for F5 NGINX App Protect DoS v1. NGINX App Protect DoS provides behavioral protection against Denial of Service (DoS) for your web applications.
+Here you can find the release information for F5 F5 DoS for NGINX v1. F5 DoS for NGINX provides behavioral protection against Denial of Service (DoS) for your web applications.
 
 ## Release 1.0
 
@@ -69,7 +69,7 @@ July 6, 2021
 
 - `proxy_request_buffering off` is not supported.
 
-- NGINX App Protect DoS does not protect `grpc` and `http2` services. The traffic is bypassed.
+- F5 DoS for NGINX does not protect `grpc` and `http2` services. The traffic is bypassed.
 
 - [TLS fingerprint]({{< ref "/nap-dos/directives-and-policy/learn-about-directives-and-policy.md#policy-directive-app_protect_dos_policy_file" >}}) feature is not used in CentOS 7.4 due to the old OpenSSL version. The required OpenSSL version is 1.1.1 or higher.
 
diff --git a/content/nap-dos/releases/about-1.1.0.md b/content/nap-dos/releases/about-1.1.0.md
index f853f5843..69a2df614 100644
--- a/content/nap-dos/releases/about-1.1.0.md
+++ b/content/nap-dos/releases/about-1.1.0.md
@@ -1,11 +1,11 @@
 ---
-title: NGINX App Protect DoS Arbitrator 1.1.0
+title: F5 DoS for NGINX Arbitrator 1.1.0
 toc: true
 weight: 220
 nd-docs: DOCS-673
 ---
 
-Here you can find the release information for F5 NGINX App Protect DoS Arbitrator v1.1.0.
+Here you can find the release information for F5 F5 DoS for NGINX Arbitrator v1.1.0.
 
 ## Arbitrator Service Release 1.1.0
 
@@ -25,13 +25,13 @@ This release is focused on security and stability.
 
 ### Important Notes
 
-- The current release upgrades Arbitrator service only. This change is agnostic to NGINX App Protect DoS functionalities.
+- The current release upgrades Arbitrator service only. This change is agnostic to F5 DoS for NGINX functionalities.
 
 - `proxy_request_buffering` off is not supported.
 
 - gRPC and HTTP/2 protection require active monitoring of the protected service. The directive `app_protect_dos_monitor` is mandatory for these use cases, otherwise, the attack will not be detected.
 
-- gRPC and HTTP/2 protection are available only on Debian 10, Ubuntu 18.04, and Ubuntu 20.04 platforms. For the rest of the platforms, NGINX App Protect DoS does not protect gRPC and HTTP/2 services. The traffic is bypassed.
+- gRPC and HTTP/2 protection are available only on Debian 10, Ubuntu 18.04, and Ubuntu 20.04 platforms. For the rest of the platforms, F5 DoS for NGINX does not protect gRPC and HTTP/2 services. The traffic is bypassed.
 
 - [TLS fingerprint]({{< ref "/nap-dos/directives-and-policy/learn-about-directives-and-policy.md#policy-directive-app_protect_dos_policy_file" >}}) feature is not used in CentOS 7.4 due to the old OpenSSL version. The required OpenSSL version is 1.1.1 or higher.
 
@@ -44,4 +44,4 @@ This release is focused on security and stability.
   - `successful_responses` instead of `successful_transactions` <br>
   - `unsuccessful_requests` instead of `unsuccessful_requests_count`.
 
-- In the case of an upgrade from the previous `app-protect-dos` version, it's necessary to remove the old `nginx-plus` and install the new `app-protect-dos` that will install a correspondent version of `nginx-plus` as described in the [NGINX App Protect DoS Deployment Guide]({{< ref "/nap-dos/deployment-guide/learn-about-deployment.md" >}}).
+- In the case of an upgrade from the previous `app-protect-dos` version, it's necessary to remove the old `nginx-plus` and install the new `app-protect-dos` that will install a correspondent version of `nginx-plus` as described in the [F5 DoS for NGINX Deployment Guide]({{< ref "/nap-dos/deployment-guide/learn-about-deployment.md" >}}).
diff --git a/content/nap-dos/releases/about-1.1.1.md b/content/nap-dos/releases/about-1.1.1.md
index 173b8e1cd..027b5f59b 100644
--- a/content/nap-dos/releases/about-1.1.1.md
+++ b/content/nap-dos/releases/about-1.1.1.md
@@ -1,11 +1,11 @@
 ---
-title: NGINX App Protect DoS Arbitrator 1.1.1
+title: F5 DoS for NGINX Arbitrator 1.1.1
 toc: true
 weight: 115
 nd-docs: DOCS-1205
 ---
 
-Here you can find the release information for F5 NGINX App Protect DoS Arbitrator v1.1.1.
+Here you can find the release information for F5 F5 DoS for NGINX Arbitrator v1.1.1.
 
 ## Arbitrator Service Release 1.1.1
 
diff --git a/content/nap-dos/releases/about-1.2.0.md b/content/nap-dos/releases/about-1.2.0.md
index ed606e4e0..1804d59fc 100644
--- a/content/nap-dos/releases/about-1.2.0.md
+++ b/content/nap-dos/releases/about-1.2.0.md
@@ -1,11 +1,11 @@
 ---
-title: NGINX App Protect DoS Arbitrator 1.2.0
+title: F5 DoS for NGINX Arbitrator 1.2.0
 toc: true
 weight: 61
 nd-docs: DOCS-1782
 ---
 
-Here you can find the release information for F5 NGINX App Protect DoS Arbitrator v1.2.0
+Here you can find the release information for F5 F5 DoS for NGINX Arbitrator v1.2.0
 
 ## Arbitrator Service Release 1.2.0
 
diff --git a/content/nap-dos/releases/about-2.0.md b/content/nap-dos/releases/about-2.0.md
index 7fb5b9005..81b7fecc0 100644
--- a/content/nap-dos/releases/about-2.0.md
+++ b/content/nap-dos/releases/about-2.0.md
@@ -1,11 +1,11 @@
 ---
-title: NGINX App Protect DoS 2.0
+title: F5 DoS for NGINX 2.0
 toc: true
 weight: 220
 nd-docs: DOCS-674
 ---
 
-Here you can find the release information for F5 NGINX App Protect DoS v2.0. NGINX App Protect DoS provides behavioral protection against Denial of Service (DoS) for your web applications.
+Here you can find the release information for F5 F5 DoS for NGINX v2.0. F5 DoS for NGINX provides behavioral protection against Denial of Service (DoS) for your web applications.
 
 ## Release 2.0
 
@@ -72,7 +72,7 @@ October 20, 2021
 
 - gRPC and HTTP/2 protection require active monitoring of the protected service. The directive `app_protect_dos_monitor` is mandatory for these use cases, otherwise, the attack will not be detected.
 
-- gRPC and HTTP/2 protection are available only on Debian 10, Ubuntu 18.04 and Ubuntu 20.04 platforms. For the rest of the platforms, NGINX App Protect DoS does not protect gRPC and HTTP/2 services. The traffic is bypassed.
+- gRPC and HTTP/2 protection are available only on Debian 10, Ubuntu 18.04 and Ubuntu 20.04 platforms. For the rest of the platforms, F5 DoS for NGINX does not protect gRPC and HTTP/2 services. The traffic is bypassed.
 
 - [TLS fingerprint]({{< ref "/nap-dos/directives-and-policy/learn-about-directives-and-policy.md#policy-directive-app_protect_dos_policy_file" >}}) feature is not used in CentOS 7.4 due to the old OpenSSL version. The required OpenSSL version is 1.1.1 or higher.
 
@@ -85,4 +85,4 @@ October 20, 2021
   - `successful_responses` instead of `successful_transactions` <br>
   - `unsuccessful_requests` instead of `unsuccessful_requests_count`.
 
-- In the case of an upgrade from the previous `app-protect-dos` version, it's necessary to remove the old `nginx-plus` and install the new `app-protect-dos` that will install a correspondent version of `nginx-plus` as described in the [NGINX App Protect DoS Deployment Guide]({{< ref "/nap-dos/deployment-guide/learn-about-deployment.md" >}}).
+- In the case of an upgrade from the previous `app-protect-dos` version, it's necessary to remove the old `nginx-plus` and install the new `app-protect-dos` that will install a correspondent version of `nginx-plus` as described in the [F5 DoS for NGINX Deployment Guide]({{< ref "/nap-dos/deployment-guide/learn-about-deployment.md" >}}).
diff --git a/content/nap-dos/releases/about-2.1.md b/content/nap-dos/releases/about-2.1.md
index 462ba2bbe..fb584cb6b 100644
--- a/content/nap-dos/releases/about-2.1.md
+++ b/content/nap-dos/releases/about-2.1.md
@@ -1,11 +1,11 @@
 ---
-title: NGINX App Protect DoS 2.1
+title: F5 DoS for NGINX 2.1
 toc: true
 weight: 200
 nd-docs: DOCS-831
 ---
 
-Here you can find the release information for F5 NGINX App Protect DoS v2.1. NGINX App Protect DoS provides behavioral protection against Denial of Service (DoS) for your web applications.
+Here you can find the release information for F5 F5 DoS for NGINX v2.1. F5 DoS for NGINX provides behavioral protection against Denial of Service (DoS) for your web applications.
 
 ## Release 2.1
 
diff --git a/content/nap-dos/releases/about-2.2.md b/content/nap-dos/releases/about-2.2.md
index 147cd6f51..cec7466b0 100644
--- a/content/nap-dos/releases/about-2.2.md
+++ b/content/nap-dos/releases/about-2.2.md
@@ -1,17 +1,17 @@
 ---
-title: NGINX App Protect DoS 2.2
+title: F5 DoS for NGINX 2.2
 toc: true
 weight: 180
 nd-docs: DOCS-839
 ---
 
-Here you can find the release information for F5 NGINX App Protect DoS v2.2. NGINX App Protect DoS provides behavioral protection against Denial of Service (DoS) for your web applications.
+Here you can find the release information for F5 F5 DoS for NGINX v2.2. F5 DoS for NGINX provides behavioral protection against Denial of Service (DoS) for your web applications.
 
 ## Release 2.2
 
 February 15, 2022
 
-In this release, support for NGINX App Protect DoS is added to NGINX Plus R26.
+In this release, support for F5 DoS for NGINX is added to NGINX Plus R26.
 
 ### New Features
 
@@ -50,7 +50,7 @@ In this release, support for NGINX App Protect DoS is added to NGINX Plus R26.
 - Monitor requests are sent in new connections. It improves monitoring health capability and allows better detection of slow POST attacks.
 
 - Adaptive memory allocation by adminstall in order to support maximum cores.
-  The amount of allocated memory for NGINX App Protect DoS is controlled by an argument of adminstall.
+  The amount of allocated memory for F5 DoS for NGINX is controlled by an argument of adminstall.
   The default value is 80 MB. For certain deployments, this amount of memory size is not enough.  The default memory size is adaptive now. If the Virtual Machine (VM) has a big number of CPU cores, then we can also increase the amount of memory. For the case of up to 4 CPU cores, the allocated memory is 80MB, for more than 4 CPU cores, the allocated memory will be calculated as 80MB + CPUs * 2.5MB
 
 
diff --git a/content/nap-dos/releases/about-2.3.md b/content/nap-dos/releases/about-2.3.md
index c98c7be28..c0c70fcea 100644
--- a/content/nap-dos/releases/about-2.3.md
+++ b/content/nap-dos/releases/about-2.3.md
@@ -1,11 +1,11 @@
 ---
-title: NGINX App Protect DoS 2.3
+title: F5 DoS for NGINX 2.3
 toc: true
 weight: 170
 nd-docs: DOCS-856
 ---
 
-Here you can find the release information for F5 NGINX App Protect DoS v2.3. NGINX App Protect DoS provides behavioral protection against Denial of Service (DoS) for your web applications.
+Here you can find the release information for F5 F5 DoS for NGINX v2.3. F5 DoS for NGINX provides behavioral protection against Denial of Service (DoS) for your web applications.
 
 ## Release 2.3
 
diff --git a/content/nap-dos/releases/about-2.4.md b/content/nap-dos/releases/about-2.4.md
index bf8502638..c20de446c 100644
--- a/content/nap-dos/releases/about-2.4.md
+++ b/content/nap-dos/releases/about-2.4.md
@@ -1,11 +1,11 @@
 ---
-title: NGINX App Protect DoS 2.4
+title: F5 DoS for NGINX 2.4
 toc: true
 weight: 160
 nd-docs: DOCS-890
 ---
 
-Here you can find the release information for F5 NGINX App Protect DoS v2.4. NGINX App Protect DoS provides behavioral protection against Denial of Service (DoS) for your web applications.
+Here you can find the release information for F5 F5 DoS for NGINX v2.4. F5 DoS for NGINX provides behavioral protection against Denial of Service (DoS) for your web applications.
 
 ## Release 2.4
 
@@ -54,7 +54,7 @@ June 28, 2022
 
 ### Resolved Issues
 
-- Honoring allow/deny directives for restricting access to the NGINX App Protect DoS Live Activity Monitoring API location.
+- Honoring allow/deny directives for restricting access to the F5 DoS for NGINX Live Activity Monitoring API location.
 
 ### Important Notes
 
diff --git a/content/nap-dos/releases/about-3.0.md b/content/nap-dos/releases/about-3.0.md
index 9310fa583..fe076afd2 100644
--- a/content/nap-dos/releases/about-3.0.md
+++ b/content/nap-dos/releases/about-3.0.md
@@ -1,11 +1,11 @@
 ---
-title: NGINX App Protect DoS 3.0
+title: F5 DoS for NGINX 3.0
 toc: true
 weight: 150
 nd-docs: DOCS-946
 ---
 
-Here you can find the release information for F5 NGINX App Protect DoS v3.0. NGINX App Protect DoS provides behavioral protection against Denial of Service (DoS) for your web applications.
+Here you can find the release information for F5 F5 DoS for NGINX v3.0. F5 DoS for NGINX provides behavioral protection against Denial of Service (DoS) for your web applications.
 
 ## Release 3.0
 
@@ -15,7 +15,7 @@ September 21, 2022
 
 - L4 mitigation (with eBPF)
 - DoS Live Activity Monitoring with requests mitigation graphs
-- DoS Live Activity Monitoring support for multi-instances NGINX App Protect DoS setups (multi-VMs, multi-replicas)
+- DoS Live Activity Monitoring support for multi-instances F5 DoS for NGINX setups (multi-VMs, multi-replicas)
 
 ### Supported Packages
 
@@ -57,8 +57,8 @@ September 21, 2022
 ### Important Notes
 
 - L4 (eBPF) mitigation helps mitigate volumetric attacks by slowing down the opening of TCP connections by the attackers.
-It is recommended to deploy NGINX App Protect DoS with L4 (eBPF) mitigation at the perimeter network or behind L3 load balancer.
-Installing NGINX App Protect DoS with L4 (eBPF) mitigation behind L4/L7 load balancer may result in the load balancer's starvation during an attack.
+It is recommended to deploy F5 DoS for NGINX with L4 (eBPF) mitigation at the perimeter network or behind L3 load balancer.
+Installing F5 DoS for NGINX with L4 (eBPF) mitigation behind L4/L7 load balancer may result in the load balancer's starvation during an attack.
 
 - If NGINX App Protect WAF is installed, app protect should be disabled for the location of DoS Live Activity Monitoring API.
 
diff --git a/content/nap-dos/releases/about-3.1.md b/content/nap-dos/releases/about-3.1.md
index 6c2311330..f476dd9a3 100644
--- a/content/nap-dos/releases/about-3.1.md
+++ b/content/nap-dos/releases/about-3.1.md
@@ -1,26 +1,26 @@
 ---
-title: NGINX App Protect DoS 3.1
+title: F5 DoS for NGINX 3.1
 toc: true
 weight: 140
 nd-docs: DOCS-995
 ---
 
-Here you can find the release information for F5 NGINX App Protect DoS v3.1. NGINX App Protect DoS provides behavioral protection against Denial of Service (DoS) for your web applications.
+Here you can find the release information for F5 F5 DoS for NGINX v3.1. F5 DoS for NGINX provides behavioral protection against Denial of Service (DoS) for your web applications.
 
 ## Release 3.1
 
 November 29, 2022
 
-In this release, NGINX App Protect DoS supports NGINX Plus R28.
+In this release, F5 DoS for NGINX supports NGINX Plus R28.
 
 ### New Features
 
 - Support for NGINX Plus R28.
-- NGINX App protect DoS can be deployed behind L4/L7 load balancers when L4 protection is enabled.
-- Fixed the issue: Installing NGINX App protect DoS with L4 (eBPF) mitigation behind L4/L7 load balancer may result in the load balancer's starvation during an attack.
+- F5 DoS for NGINX can be deployed behind L4/L7 load balancers when L4 protection is enabled.
+- Fixed the issue: Installing F5 DoS for NGINX with L4 (eBPF) mitigation behind L4/L7 load balancer may result in the load balancer's starvation during an attack.
 - Support for [proxy_protocol]({{< ref "/nap-dos/directives-and-policy/learn-about-directives-and-policy.md#monitor-directive-app_protect_dos_monitor" >}}) configuration for server health monitoring.<br>
 Previously, server health monitoring could not be used when the listen directive of the correspondent server block contained the `proxy_protocol` parameter.<br>
-This disallowed using NGINX App protect DoS for Denial of Service (DoS) protection for HTTP2 and gRPC protected objects in the `proxy_protocol` configuration.
+This disallowed using F5 DoS for NGINX for Denial of Service (DoS) protection for HTTP2 and gRPC protected objects in the `proxy_protocol` configuration.
 
 
 ### Supported Packages
diff --git a/content/nap-dos/releases/about-4.0.md b/content/nap-dos/releases/about-4.0.md
index 5dab6acfd..95a8fa1a7 100644
--- a/content/nap-dos/releases/about-4.0.md
+++ b/content/nap-dos/releases/about-4.0.md
@@ -1,11 +1,11 @@
 ---
-title: NGINX App Protect DoS 4.0
+title: F5 DoS for NGINX 4.0
 toc: true
 weight: 120
 nd-docs: DOCS-1115
 ---
 
-Here you can find the release information for F5 NGINX App Protect DoS v4.0. NGINX App Protect DoS provides behavioral protection against Denial of Service (DoS) for your web applications.
+Here you can find the release information for F5 F5 DoS for NGINX v4.0. F5 DoS for NGINX provides behavioral protection against Denial of Service (DoS) for your web applications.
 
 ## Release 4.0
 
diff --git a/content/nap-dos/releases/about-4.1.md b/content/nap-dos/releases/about-4.1.md
index 442e20563..3b7543d2f 100644
--- a/content/nap-dos/releases/about-4.1.md
+++ b/content/nap-dos/releases/about-4.1.md
@@ -1,17 +1,17 @@
 ---
-title: NGINX App Protect DoS 4.1
+title: F5 DoS for NGINX 4.1
 toc: true
 weight: 110
 nd-docs: DOCS-1203
 ---
 
-Here you can find the release information for F5 NGINX App Protect DoS v4.1. NGINX App Protect DoS provides behavioral protection against Denial of Service (DoS) for your web applications.
+Here you can find the release information for F5 F5 DoS for NGINX v4.1. F5 DoS for NGINX provides behavioral protection against Denial of Service (DoS) for your web applications.
 
 ## Release 4.1
 
 May 2, 2023
 
-In this release, NGINX App Protect DoS supports NGINX Plus R29.
+In this release, F5 DoS for NGINX supports NGINX Plus R29.
 
 ### New Features
 
@@ -91,4 +91,4 @@ In this release, NGINX App Protect DoS supports NGINX Plus R29.
 
 - The recommended option of running NGINX Plus in a Docker Container is with the `daemon off` flag. It's mandatory for UBI 8.
 
-- The package dependencies for NGINX App Protect DoS have changed in this release, replacing the `curl` dependencies with `libcurl` only. For more information, see the [NGINX App Protect DoS Deployment Guide]({{< ref "/nap-dos/deployment-guide/learn-about-deployment.md#prerequisites" >}}).
+- The package dependencies for F5 DoS for NGINX have changed in this release, replacing the `curl` dependencies with `libcurl` only. For more information, see the [F5 DoS for NGINX Deployment Guide]({{< ref "/nap-dos/deployment-guide/learn-about-deployment.md#prerequisites" >}}).
diff --git a/content/nap-dos/releases/about-4.2.md b/content/nap-dos/releases/about-4.2.md
index 03152db74..88911fefa 100644
--- a/content/nap-dos/releases/about-4.2.md
+++ b/content/nap-dos/releases/about-4.2.md
@@ -1,17 +1,17 @@
 ---
-title: NGINX App Protect DoS 4.2
+title: F5 DoS for NGINX 4.2
 toc: true
 weight: 100
 nd-docs: DOCS-1254
 ---
 
-Here you can find the release information for F5 NGINX App Protect DoS v4.2. NGINX App Protect DoS provides behavioral protection against Denial of Service (DoS) for your web applications.
+Here you can find the release information for F5 F5 DoS for NGINX v4.2. F5 DoS for NGINX provides behavioral protection against Denial of Service (DoS) for your web applications.
 
 ## Release 4.2
 
 August 15, 2023
 
-In this release, NGINX App Protect DoS supports NGINX Plus R30.
+In this release, F5 DoS for NGINX supports NGINX Plus R30.
 
 ### New Features
 
@@ -95,6 +95,6 @@ In this release, NGINX App Protect DoS supports NGINX Plus R30.
 
 - The recommended option of running NGINX Plus in a Docker Container is with the `daemon off` flag. It's mandatory for UBI 8.
 
-- The package dependencies for NGINX App Protect DoS have changed in this release, replacing the `curl` dependencies with `libcurl` only. For more information, see the [NGINX App Protect DoS Deployment Guide]({{< ref "/nap-dos/deployment-guide/learn-about-deployment.md#prerequisites" >}}).
+- The package dependencies for F5 DoS for NGINX have changed in this release, replacing the `curl` dependencies with `libcurl` only. For more information, see the [F5 DoS for NGINX Deployment Guide]({{< ref "/nap-dos/deployment-guide/learn-about-deployment.md#prerequisites" >}}).
 
 - Starting with this release, Ubuntu 18.04 support has been deprecated.
diff --git a/content/nap-dos/releases/about-4.3.md b/content/nap-dos/releases/about-4.3.md
index 5ae85ca28..19b6f8d69 100644
--- a/content/nap-dos/releases/about-4.3.md
+++ b/content/nap-dos/releases/about-4.3.md
@@ -1,17 +1,17 @@
 ---
-title: NGINX App Protect DoS 4.3
+title: F5 DoS for NGINX 4.3
 toc: true
 weight: 90
 nd-docs: DOCS-1361
 ---
 
-Here you can find the release information for F5 NGINX App Protect DoS v4.3. NGINX App Protect DoS provides behavioral protection against Denial of Service (DoS) for your web applications.
+Here you can find the release information for F5 F5 DoS for NGINX v4.3. F5 DoS for NGINX provides behavioral protection against Denial of Service (DoS) for your web applications.
 
 ## Release 4.3
 
 December 19, 2023
 
-In this release, NGINX App Protect DoS supports NGINX Plus R31.
+In this release, F5 DoS for NGINX supports NGINX Plus R31.
 
 ### New Features
 
diff --git a/content/nap-dos/releases/about-4.4.md b/content/nap-dos/releases/about-4.4.md
index 9bd7ac240..dcacb406a 100644
--- a/content/nap-dos/releases/about-4.4.md
+++ b/content/nap-dos/releases/about-4.4.md
@@ -1,17 +1,17 @@
 ---
-title: NGINX App Protect DoS 4.4
+title: F5 DoS for NGINX 4.4
 toc: true
 weight: 80
 nd-docs: DOCS-1785
 ---
 
-Here you can find the release information for F5 NGINX App Protect DoS v4.4. NGINX App Protect DoS provides behavioral protection against Denial of Service (DoS) for your web applications.
+Here you can find the release information for F5 F5 DoS for NGINX v4.4. F5 DoS for NGINX provides behavioral protection against Denial of Service (DoS) for your web applications.
 
 ## Release 4.4
 
 May 29, 2024
 
-In this release, NGINX App Protect DoS supports NGINX Plus R32.
+In this release, F5 DoS for NGINX supports NGINX Plus R32.
 
 ### New Features
 
diff --git a/content/nap-dos/releases/about-4.5.md b/content/nap-dos/releases/about-4.5.md
index 969d4e6b1..a1ba513cd 100644
--- a/content/nap-dos/releases/about-4.5.md
+++ b/content/nap-dos/releases/about-4.5.md
@@ -1,13 +1,13 @@
 ---
-title: NGINX App Protect DoS 4.5
+title: F5 DoS for NGINX 4.5
 toc: true
 weight: 70
 nd-docs: DOCS-1784
 ---
 
-Here you can find the release information for F5 NGINX App Protect DoS v4.5
+Here you can find the release information for F5 F5 DoS for NGINX v4.5
 
-NGINX App Protect DoS provides behavioral protection against Denial of Service (DoS) for your web applications.
+F5 DoS for NGINX provides behavioral protection against Denial of Service (DoS) for your web applications.
 
 ---
 
@@ -15,7 +15,7 @@ NGINX App Protect DoS provides behavioral protection against Denial of Service (
 
 Nov 19, 2024
 
-NGINX App Protect DoS 4.5 adds support for NGINX Plus R33.
+F5 DoS for NGINX 4.5 adds support for NGINX Plus R33.
 
 ---
 
diff --git a/content/nap-dos/releases/about-4.6.md b/content/nap-dos/releases/about-4.6.md
index b45af1e0d..58f9689c1 100644
--- a/content/nap-dos/releases/about-4.6.md
+++ b/content/nap-dos/releases/about-4.6.md
@@ -1,13 +1,13 @@
 ---
-title: NGINX App Protect DoS 4.6
+title: F5 DoS for NGINX 4.6
 toc: true
 weight: 60
 nd-docs: DOCS-1783
 ---
 
-Here you can find the release information for F5 NGINX App Protect DoS v4.6
+Here you can find the release information for F5 F5 DoS for NGINX v4.6
 
-NGINX App Protect DoS provides behavioral protection against Denial of Service (DoS) for your web applications.
+F5 DoS for NGINX provides behavioral protection against Denial of Service (DoS) for your web applications.
 
 ---
 
diff --git a/content/nap-dos/releases/about-4.7.md b/content/nap-dos/releases/about-4.7.md
index 77e7f2e9a..8fa7cb6c8 100644
--- a/content/nap-dos/releases/about-4.7.md
+++ b/content/nap-dos/releases/about-4.7.md
@@ -1,13 +1,13 @@
 ---
-title: NGINX App Protect DoS 4.7
+title: F5 DoS for NGINX 4.7
 toc: true
 weight: 50
 nd-docs: DOCS-1783
 ---
 
-Here you can find the release information for F5 NGINX App Protect DoS v4.7
+Here you can find the release information for F5 F5 DoS for NGINX v4.7
 
-NGINX App Protect DoS provides behavioral protection against Denial of Service (DoS) for your web applications.
+F5 DoS for NGINX provides behavioral protection against Denial of Service (DoS) for your web applications.
 
 ## Release 4.7
 
diff --git a/content/nap-dos/troubleshooting-guide/_index.md b/content/nap-dos/troubleshooting-guide/_index.md
index ccc6eeebc..6597d168d 100644
--- a/content/nap-dos/troubleshooting-guide/_index.md
+++ b/content/nap-dos/troubleshooting-guide/_index.md
@@ -1,5 +1,5 @@
 ---
-description: Learn how to troubleshoot your F5 NGINX App Protect DoS deployment.
+description: Learn how to troubleshoot your F5 F5 DoS for NGINX deployment.
 title: Troubleshooting Guide
 weight: 200
 url: /nginx-app-protect-dos/troubleshooting-guide/
diff --git a/content/nap-dos/troubleshooting-guide/how-to-troubleshoot.md b/content/nap-dos/troubleshooting-guide/how-to-troubleshoot.md
index 7ac06a6a7..f9e9839f6 100644
--- a/content/nap-dos/troubleshooting-guide/how-to-troubleshoot.md
+++ b/content/nap-dos/troubleshooting-guide/how-to-troubleshoot.md
@@ -1,7 +1,7 @@
 ---
-description: Learn about the F5 NGINX App Protect DoS Troubleshooting Guide.
+description: Learn about the F5 F5 DoS for NGINX Troubleshooting Guide.
 nd-docs: DOCS-675
-title: NGINX App Protect DoS Troubleshooting Guide
+title: F5 DoS for NGINX Troubleshooting Guide
 toc: true
 weight: 200
 type:
@@ -10,7 +10,7 @@ type:
 
 ## Overview
 
-This Troubleshooting Guide is intended to provide guidance to customers in the detection and correction of programming issues in F5 NGINX App Protect DoS. It may also be useful to IT.
+This Troubleshooting Guide is intended to provide guidance to customers in the detection and correction of programming issues in F5 F5 DoS for NGINX. It may also be useful to IT.
 
 ## Resolving Known Problems
 
@@ -22,11 +22,11 @@ This Troubleshooting Guide is intended to provide guidance to customers in the d
 |-------|--------|
 | NGINX is not running (ps -aux) <br><br> Reloading NGINX fails| Check the error log at `/var/log/nginx/error.log`. <br> Fix the problem and re-run NGINX.|
 | No original source IP in logs|1. XFF is not configured (or not configured correctly) <br>2. External Load Balancer doesn't forward XFF |
-| NGINX App Protect DoS functionality is not as expected| NGINX App Protect DoS has several logs which can be used for troubleshooting. <br> Usually, it is best to look for any warning or error messages within the logs. <br> Refer to [Logs Overview]({{< ref "/nap-dos/monitoring/types-of-logs.md">}})|
+| F5 DoS for NGINX functionality is not as expected| F5 DoS for NGINX has several logs which can be used for troubleshooting. <br> Usually, it is best to look for any warning or error messages within the logs. <br> Refer to [Logs Overview]({{< ref "/nap-dos/monitoring/types-of-logs.md">}})|
 | `Too many open files` error message | Increase number of file descriptors. <br> For example: `worker_rlimit_nofile 65535;` in the main context of `nginx.conf` file. <br> Refer to [worker_rlimit_nofile directive](https://www.nginx.com/blog/using-nginx-plus-with-selinux/) |
 | `setrlimit ... failed (Permission denied)` error message | Increase the limit using the following command as the root user:<br> `setsebool -P httpd_setrlimit 1;` <br> Refer to [Issue 4: Too many files are open Error](https://www.nginx.com/blog/using-nginx-plus-with-selinux/#Issue-4:-%3Ccode%3EToo-many-files-are-open%3C/code%3E-Error) |
-| More protected objects than expected | The `app_protect_dos_enable` directive is inherited by all server and location blocks beneath it, each block will be a protected object. <br> Consider moving this directive from outer to inner block. <br> Refer to: [NGINX App Protect DoS - Directives and Policy]({{< ref "/nap-dos/directives-and-policy/learn-about-directives-and-policy.md" >}}) |
-| `No DOS protection for ngx_worker at idx X` warning message | There are more nginx processes than allowed. <br> Either decrease the number of nginx processes (ngx_processes directive in `nginx.conf` file) or increase the number of supported workers for NGINX App Protect DoS using the flag `--max-workers NUM` for `/usr/bin/adminstall`. |
+| More protected objects than expected | The `app_protect_dos_enable` directive is inherited by all server and location blocks beneath it, each block will be a protected object. <br> Consider moving this directive from outer to inner block. <br> Refer to: [F5 DoS for NGINX - Directives and Policy]({{< ref "/nap-dos/directives-and-policy/learn-about-directives-and-policy.md" >}}) |
+| `No DOS protection for ngx_worker at idx X` warning message | There are more nginx processes than allowed. <br> Either decrease the number of nginx processes (ngx_processes directive in `nginx.conf` file) or increase the number of supported workers for F5 DoS for NGINX using the flag `--max-workers NUM` for `/usr/bin/adminstall`. |
 | `unknown directive 'app_protect_dos_xxx'` error message | App Protect DOS module is not loaded. Add this line to the main (global) context of nginx.conf: <br>  `load_module "/etc/nginx/modules/ngx_http_app_protect_dos_module.so";` |
 | NGINX struggles handling a high rate of incoming connections | Linux machine should be tuned for optimal performance. <br> Refer to [Tuning NGINX for Performance](https://www.nginx.com/blog/tuning-nginx/) |
 | Error in `adminstall` process, such as `Failed to allocate` | Insufficient memory to allocate all the required resources. <br> Increase the `--memory` size or decrease the number of nginx workers (`--max_workers`) if not all of them are going to be in use. <br> Use the `--help` flag for more info. |
@@ -35,11 +35,11 @@ This Troubleshooting Guide is intended to provide guidance to customers in the d
 
 ### ELK issues
 
-ELK issues are addressed directly in GitHub by posting the issue to Kibana dashboards for [NGINX App Protect DoS GitHub repo](https://github.com/f5devcentral/nap-dos-elk-dashboards).
+ELK issues are addressed directly in GitHub by posting the issue to Kibana dashboards for [F5 DoS for NGINX GitHub repo](https://github.com/f5devcentral/nap-dos-elk-dashboards).
 
 ### SELinux
 
-Configure SELinux to allow NGINX App Protect DoS.
+Configure SELinux to allow F5 DoS for NGINX.
 
 The configuration steps are found in the [SELinux configuration]({{< ref "/nap-dos/deployment-guide/learn-about-deployment.md#selinux-configuration" >}}) section of the deployment guide.
 
@@ -79,7 +79,7 @@ If there are any problems, collect the troubleshooting information in a tarball
 
 1. Get package version:
 
-   a. Get NGINX App Protect DoS version:<br>
+   a. Get F5 DoS for NGINX version:<br>
 
    ```shell
    /usr/bin/admd -v > package_versions.txt
@@ -103,7 +103,7 @@ If there are any problems, collect the troubleshooting information in a tarball
    cat /etc/os-release > system_version.txt && uname -r >> system_version.txt && cat /proc/version >> system_version.txt
    ```
 
-   d. Get NGINX App Protect DoS shared memory dump:<br>
+   d. Get F5 DoS for NGINX shared memory dump:<br>
 
    ```shell
    admd -c > napd_shmem.txt
diff --git a/content/nginx-one/_index.md b/content/nginx-one/_index.md
index 0f7ccda35..99f7e201d 100644
--- a/content/nginx-one/_index.md
+++ b/content/nginx-one/_index.md
@@ -101,7 +101,7 @@ F5 NGINX One Console makes it easy to manage NGINX instances across locations an
     {{< card title="NGINX App Protect WAF" titleUrl="/nginx-app-protect-waf" brandIcon="NGINX-App-Protect-WAF-product-icon.svg">}}
       Lightweight, high-performance, advanced protection against Layer 7 attacks on your apps and APIs.
     {{</ card >}}
-    {{< card title="NGINX App Protect DoS" titleUrl="/nginx-app-protect-dos" brandIcon="NGINX-App-Protect-DoS-product-icon.svg">}}
+    {{< card title="F5 DoS for NGINX" titleUrl="/nginx-app-protect-dos" brandIcon="NGINX-App-Protect-DoS-product-icon.svg">}}
       Defend, adapt, and mitigate against Layer 7 denial-of-service attacks on your apps and APIs.
     {{</ card >}}
   {{</ card-section >}}
diff --git a/content/nginxaas-azure/overview/feature-comparison.md b/content/nginxaas-azure/overview/feature-comparison.md
index f30da905f..4a2425464 100644
--- a/content/nginxaas-azure/overview/feature-comparison.md
+++ b/content/nginxaas-azure/overview/feature-comparison.md
@@ -41,7 +41,7 @@ type:
 |&nbsp;&nbsp;Internal redirect |             |{{<check>}}          |                          |
 |&nbsp;&nbsp;NGINX as a SAML Service Provider |             |{{<check>}}          |{{<check>}}                  |
 |&nbsp;&nbsp;[NGINX App Protect WAF](https://www.f5.com/products/nginx/nginx-app-protect) (additional cost) |             |{{<check>}}          |{{<check>}}          |
-|&nbsp;&nbsp;[NGINX App Protect DoS](https://www.f5.com/products/nginx/nginx-app-protect) (additional cost) |             |{{<check>}}          |                          |
+|&nbsp;&nbsp;[F5 DoS for NGINX](https://www.f5.com/products/nginx/nginx-app-protect) (additional cost) |             |{{<check>}}          |                          |
 |**Monitoring**                          |**NGINX Open<br>Source** |**NGINX Plus<br>&nbsp;** |**NGINXaaS<br>for Azure**     |
 |&nbsp;&nbsp;Export to [external monitoring tools](https://docs.nginx.com/nginx/admin-guide/monitoring/live-activity-monitoring/)  |{{<check>}} |{{<check>}}          |Export metrics to<br>Azure Monitor |
 |&nbsp;&nbsp;Built-in dashboard          |                     |{{<check>}}          |[Azure Monitor](https://learn.microsoft.com/en-us/azure/azure-monitor/overview)<br> and [Azure Portal](https://azure.microsoft.com/en-us/get-started/azure-portal)       |
diff --git a/content/nic/configuration/security.md b/content/nic/configuration/security.md
index ad561cb21..676a3ad56 100644
--- a/content/nic/configuration/security.md
+++ b/content/nic/configuration/security.md
@@ -34,7 +34,7 @@ By default, the ServiceAccount has access to all Secret resources in the cluster
 ### Configure root filesystem as read-only
 
 {{< call-out "caution"  >}}
- This feature is compatible with [NGINX App Protect WAF v5]({{< ref "/nap-waf/v5/" >}}). It is not compatible with [NGINX App Protect WAF v4]({{< ref "/nap-waf/v4/" >}}) or [NGINX App Protect DoS]({{< ref "/nap-dos/" >}}).
+ This feature is compatible with [NGINX App Protect WAF v5]({{< ref "/nap-waf/v5/" >}}). It is not compatible with [NGINX App Protect WAF v4]({{< ref "/nap-waf/v4/" >}}) or [F5 DoS for NGINX]({{< ref "/nap-dos/" >}}).
 {{< /call-out >}}
 
 NGINX Ingress Controller is designed to be resilient against attacks in various ways, such as running the service as non-root to avoid changes to files. We recommend setting filesystems on all containers to read-only, this includes `nginx-ingress-controller`, though also includes `waf-enforcer` and `waf-config-mgr` when NGINX App Protect WAFv5 is in use.  This is so that the attack surface is further reduced by limiting changes to binaries and libraries.
diff --git a/content/nic/installation/build-nginx-ingress-controller.md b/content/nic/installation/build-nginx-ingress-controller.md
index b9c2b78ef..f829b308d 100644
--- a/content/nic/installation/build-nginx-ingress-controller.md
+++ b/content/nic/installation/build-nginx-ingress-controller.md
@@ -151,14 +151,14 @@ Key targets include:
 | _debian-image-plus_           | Builds a Debian-based image with NGINX Plus.                                                                                                                                                                 |
 | _debian-image-nap-plus_       | Builds a Debian-based image with NGINX Plus and the [NGINX App Protect WAF](/nginx-app-protect/) module.                                                                                                     |
 | _debian-image-nap-v5-plus_       | Builds a Debian-based image with NGINX Plus and the [NGINX App Protect WAF v5](/nginx-app-protect/) module.                                                                                                     |
-| _debian-image-dos-plus_       | Builds a Debian-based image with NGINX Plus and the [NGINX App Protect DoS](/nginx-app-protect-dos/) module.                                                                                                 |
-| _debian-image-nap-dos-plus_   | Builds a Debian-based image with NGINX Plus, [NGINX App Protect WAF](/nginx-app-protect/) and [NGINX App Protect DoS](/nginx-app-protect-dos/) modules.                                                      |
+| _debian-image-dos-plus_       | Builds a Debian-based image with NGINX Plus and the [F5 DoS for NGINX](/nginx-app-protect-dos/) module.                                                                                                 |
+| _debian-image-nap-dos-plus_   | Builds a Debian-based image with NGINX Plus, [NGINX App Protect WAF](/nginx-app-protect/) and [F5 DoS for NGINX](/nginx-app-protect-dos/) modules.                                                      |
 | _ubi-image_                   | Builds a UBI-based image with NGINX for [OpenShift](https://www.openshift.com/) clusters.                                                                                                                    |
 | _ubi-image-plus_              | Builds a UBI-based image with NGINX Plus for [OpenShift](https://www.openshift.com/) clusters.                                                                                                               |
 | _ubi-image-nap-plus_          | Builds a UBI-based image with NGINX Plus and the [NGINX App Protect WAF](/nginx-app-protect/) module for [OpenShift](https://www.openshift.com/) clusters.                                                   |
 | _ubi-image-nap-v5-plus_          | Builds a UBI-based image with NGINX Plus and the [NGINX App Protect WAF v5](/nginx-app-protect/) module for [OpenShift](https://www.openshift.com/) clusters.                                                   |
-| _ubi-image-dos-plus_          | Builds a UBI-based image with NGINX Plus and the [NGINX App Protect DoS](/nginx-app-protect-dos/) module for [OpenShift](https://www.openshift.com/) clusters.                                               |
-| _ubi-image-nap-dos-plus_      | <p>Builds a UBI-based image with NGINX Plus, [NGINX App Protect WAF](/nginx-app-protect/) and the [NGINX App Protect DoS](/nginx-app-protect-dos/) module for [OpenShift](https://www.openshift.com/) clusters.</p> <p> **Important**: Save your RHEL organization and activation keys in a file named _rhel_license_ at the project root.</p> <p> For instance:</p> <pre>RHEL_ORGANIZATION=1111111<br />RHEL_ACTIVATION_KEY=your-key</pre>|
+| _ubi-image-dos-plus_          | Builds a UBI-based image with NGINX Plus and the [F5 DoS for NGINX](/nginx-app-protect-dos/) module for [OpenShift](https://www.openshift.com/) clusters.                                               |
+| _ubi-image-nap-dos-plus_      | <p>Builds a UBI-based image with NGINX Plus, [NGINX App Protect WAF](/nginx-app-protect/) and the [F5 DoS for NGINX](/nginx-app-protect-dos/) module for [OpenShift](https://www.openshift.com/) clusters.</p> <p> **Important**: Save your RHEL organization and activation keys in a file named _rhel_license_ at the project root.</p> <p> For instance:</p> <pre>RHEL_ORGANIZATION=1111111<br />RHEL_ACTIVATION_KEY=your-key</pre>|
 {{</bootstrap-table>}}
 
 ---
diff --git a/content/nic/installation/installing-nic/installation-with-manifests.md b/content/nic/installation/installing-nic/installation-with-manifests.md
index 8df8e0a53..eb550acb3 100644
--- a/content/nic/installation/installing-nic/installation-with-manifests.md
+++ b/content/nic/installation/installing-nic/installation-with-manifests.md
@@ -71,14 +71,14 @@ To use App Protect DoS, install the App Protect DoS Arbitrator using the provide
 
 ### Create optional custom resources
 
-There are optional CRDs that are necessary if you want to use NGINX App Protect WAF or NGINX App Protect DoS.
+There are optional CRDs that are necessary if you want to use NGINX App Protect WAF or F5 DoS for NGINX.
 
 **NGINX App Protect WAF**:
 - `APPolicy`
 - `APLogConf`
 - `APUserSig`
 
-**NGINX App Protect DoS**:
+**F5 DoS for NGINX**:
 - `APDosPolicy`
 - `APDosLogConf`
 - `DosProtectedResource`
@@ -96,7 +96,7 @@ There are optional CRDs that are necessary if you want to use NGINX App Protect
 kubectl apply -f https://raw.githubusercontent.com/nginx/kubernetes-ingress/v{{< nic-version >}}/deploy/crds-nap-waf.yaml
 ```
 
-**NGINX App Protect DoS**:
+**F5 DoS for NGINX**:
 
 ```shell
 kubectl apply -f https://raw.githubusercontent.com/nginx/kubernetes-ingress/v{{< nic-version >}}/deploy/crds-nap-dos.yaml
@@ -116,7 +116,7 @@ kubectl apply -f config/crd/bases/appprotect.f5.com_appolicies.yaml
 kubectl apply -f config/crd/bases/appprotect.f5.com_apusersigs.yaml
 ```
 
-**NGINX App Protect DoS**:
+**F5 DoS for NGINX**:
 
 ```shell
 kubectl apply -f config/crd/bases/appprotectdos.f5.com_apdoslogconfs.yaml
@@ -272,7 +272,7 @@ Connect to ports 80 and 443 using the IP address of any node in the cluster wher
     kubectl apply -f https://raw.githubusercontent.com/nginx/kubernetes-ingress/v{{< nic-version >}}/deploy/crds-nap-waf.yaml
     ```
 
-   3. Delete custom resource definitions for the NGINX App Protect DoS module:
+   3. Delete custom resource definitions for the F5 DoS for NGINX module:
    ```shell
     kubectl apply -f https://raw.githubusercontent.com/nginx/kubernetes-ingress/v{{< nic-version >}}/deploy/crds-nap-dos.yaml
     ```
@@ -290,7 +290,7 @@ kubectl delete -f config/crd/bases/crds.yaml
 kubectl apply -f config/crd/bases/crds-nap-waf.yaml
 ```
 
-3. Delete custom resource definitions for the NGINX App Protect DoS module:
+3. Delete custom resource definitions for the F5 DoS for NGINX module:
 ```shell
 kubectl apply -f config/crd/bases/crds-nap-dos.yaml
 ```
diff --git a/content/nic/installation/integrations/app-protect-dos/_index.md b/content/nic/installation/integrations/app-protect-dos/_index.md
index 6f2685996..fc6c0082c 100644
--- a/content/nic/installation/integrations/app-protect-dos/_index.md
+++ b/content/nic/installation/integrations/app-protect-dos/_index.md
@@ -1,6 +1,6 @@
 ---
-title: NGINX App Protect DoS
-description: Learn how to use NGINX Ingress Controller for Kubernetes with NGINX App Protect DoS.
+title: F5 DoS for NGINX
+description: Learn how to use NGINX Ingress Controller for Kubernetes with F5 DoS for NGINX.
 weight: 300
 menu:
   docs:
diff --git a/content/nic/installation/integrations/app-protect-dos/configuration.md b/content/nic/installation/integrations/app-protect-dos/configuration.md
index 0b39faee8..8ce84d042 100644
--- a/content/nic/installation/integrations/app-protect-dos/configuration.md
+++ b/content/nic/installation/integrations/app-protect-dos/configuration.md
@@ -161,4 +161,4 @@ Then add a reference in the `DosProtectedResource` to the `APDosLogConf`:
 
 ## Global Configuration
 
-NGINX Ingress Controller has a set of global configuration parameters that align with those available in the NGINX App Protect DoS module. See [ConfigMap keys]({{< ref "/nic/configuration/global-configuration/configmap-resource.md#modules" >}}) for the complete list. The App Protect parameters use the `app-protect-dos*` prefix.
+NGINX Ingress Controller has a set of global configuration parameters that align with those available in the F5 DoS for NGINX module. See [ConfigMap keys]({{< ref "/nic/configuration/global-configuration/configmap-resource.md#modules" >}}) for the complete list. The App Protect parameters use the `app-protect-dos*` prefix.
diff --git a/content/nic/installation/integrations/app-protect-dos/dos-protected.md b/content/nic/installation/integrations/app-protect-dos/dos-protected.md
index cfb112eb3..771b84533 100644
--- a/content/nic/installation/integrations/app-protect-dos/dos-protected.md
+++ b/content/nic/installation/integrations/app-protect-dos/dos-protected.md
@@ -7,9 +7,9 @@ nd-product: NIC
 nd-docs: DOCS-581
 ---
 
-NGINX App Protect DoS protected resource specification
+F5 DoS for NGINX protected resource specification
 
-{{< call-out "note" >}} This feature is only available using the NGINX Plus [NGINX App Protect DoS Module]({{< ref "/nap-dos/deployment-guide/learn-about-deployment.md" >}}). {{< /call-out >}}
+{{< call-out "note" >}} This feature is only available using the NGINX Plus [F5 DoS for NGINX Module]({{< ref "/nap-dos/deployment-guide/learn-about-deployment.md" >}}). {{< /call-out >}}
 
 ## DoS Protected resource specification
 
@@ -30,12 +30,12 @@ spec:
 {{% table %}}
 |Field | Description | Type | Required |
 | ---| ---| ---| --- |
-|``enable`` | Enables NGINX App Protect DoS, Default value: false. | ``bool`` | No |
+|``enable`` | Enables F5 DoS for NGINX, Default value: false. | ``bool`` | No |
 |``name`` | Name of the protected object, max of 63 characters. | ``string`` | Yes |
 |``dosAccessLogDest`` | The log destination for the access log with dos log format. Accepted variables are ``<ip-address \| localhost \| fqdn>:<port>`` or ``stderr``. | ``string`` | No |
 |``apDosMonitor.uri`` | The destination to the desired protected object. [App Protect DoS monitor](#dosprotectedresourceapdosmonitor) Default value: None, URL will be extracted from the first request which arrives and taken from "Host" header or from destination ip+port. | ``string`` | No |
 |``apDosMonitor.protocol`` | Determines if the server listens on http1 / http2 / grpc / websocket. [App Protect DoS monitor](#dosprotectedresourceapdosmonitor) Default value: http1. | ``enum`` | No |
-|``apDosMonitor.timeout`` | Determines how long (in seconds) should NGINX App Protect DoS wait for a response. [App Protect DoS monitor](#dosprotectedresourceapdosmonitor) Default value: 10 seconds for http1/http2 and 5 seconds for grpc. | ``int64`` | No |
+|``apDosMonitor.timeout`` | Determines how long (in seconds) should F5 DoS for NGINX wait for a response. [App Protect DoS monitor](#dosprotectedresourceapdosmonitor) Default value: 10 seconds for http1/http2 and 5 seconds for grpc. | ``int64`` | No |
 |``apDosPolicy`` | The [App Protect DoS policy](#dosprotectedresourceapdospolicy) of the dos. Accepts an optional namespace. | ``string`` | No |
 |``dosSecurityLog.enable`` | Enables security log. | ``bool`` | No |
 |``dosSecurityLog.apDosLogConf`` | The [App Protect DoS log conf]({{< ref "/nic/installation/integrations/app-protect-dos/configuration.md#app-protect-dos-logs" >}}) resource. Accepts an optional namespace. | ``string`` | No |
@@ -49,7 +49,7 @@ The `apDosPolicy` is a reference (qualified identifier in the format `namespace/
 
 ### DosProtectedResource.apDosMonitor
 
-This is how NGINX App Protect DoS monitors the stress level of the protected object. The monitor requests are sent from localhost (127.0.0.1).
+This is how F5 DoS for NGINX monitors the stress level of the protected object. The monitor requests are sent from localhost (127.0.0.1).
 
 ### Invalid DoS Protected resources
 
diff --git a/content/nic/installation/integrations/app-protect-dos/installation.md b/content/nic/installation/integrations/app-protect-dos/installation.md
index 28c56060d..725a6075c 100644
--- a/content/nic/installation/integrations/app-protect-dos/installation.md
+++ b/content/nic/installation/integrations/app-protect-dos/installation.md
@@ -1,5 +1,5 @@
 ---
-title: Build NGINX Ingress Controller with NGINX App Protect DoS
+title: Build NGINX Ingress Controller with F5 DoS for NGINX
 weight: 100
 toc: true
 type: how-to
@@ -7,19 +7,19 @@ product: NIC
 nd-docs: DOCS-583
 ---
 
-This document explains how to build an image for F5 NGINX Ingress Controller with NGINX App Protect DoS from source code.
+This document explains how to build an image for F5 NGINX Ingress Controller with F5 DoS for NGINX from source code.
 
 {{<call-out "tip" "Pre-built image alternatives" >}}If you'd rather not build your own NGINX Ingress Controller image, see the [pre-built image options](#pre-built-images) at the end of this guide.{{</call-out>}}
 
 ## Before you start
 
-- To use NGINX App Protect DoS with NGINX Ingress Controller, you must have NGINX Plus.
+- To use F5 DoS for NGINX with NGINX Ingress Controller, you must have NGINX Plus.
 
 ---
 
 ## Prepare the environment {#prepare-environment}
 
-Get your system ready for building and pushing the NGINX Ingress Controller image with NGINX App Protect DoS.
+Get your system ready for building and pushing the NGINX Ingress Controller image with F5 DoS for NGINX.
 
 1. Sign in to your private registry. Replace `<my-docker-registry>` with the path to your own private registry.
 
@@ -45,7 +45,7 @@ Get your system ready for building and pushing the NGINX Ingress Controller imag
 
 ## Build the image {#build-docker-image}
 
-Follow these steps to build the NGINX Controller Image with NGINX App Protect DoS.
+Follow these steps to build the NGINX Controller Image with F5 DoS for NGINX.
 
 1. Place your NGINX Plus license files (_nginx-repo.crt_ and _nginx-repo.key_) in the project's root folder. To verify they're in place, run:
 
@@ -65,7 +65,7 @@ Follow these steps to build the NGINX Controller Image with NGINX App Protect Do
     make <makefile target> PREFIX=<my-docker-registry>/nginx-plus-ingress TARGET=download
     ```
 
-    For example, to build a Debian-based image with NGINX Plus and NGINX App Protect DoS, run:
+    For example, to build a Debian-based image with NGINX Plus and F5 DoS for NGINX, run:
 
     ```shell
     make debian-image-dos-plus PREFIX=<my-docker-registry>/nginx-plus-ingress TARGET=download
@@ -80,10 +80,10 @@ Follow these steps to build the NGINX Controller Image with NGINX App Protect Do
 {{<bootstrap-table "table table-striped table-bordered">}}
 | Makefile Target           | Description                                                       | Compatible Systems  |
 |---------------------------|-------------------------------------------------------------------|---------------------|
-| **debian-image-dos-plus** | Builds a Debian-based image with NGINX Plus and the [NGINX App Protect DoS](/nginx-app-protect-dos/) module. | Debian  |
-| **debian-image-nap-dos-plus** | Builds a Debian-based image with NGINX Plus, [NGINX App Protect DoS](/nginx-app-protect-dos/), and [NGINX App Protect WAF](/nginx-app-protect/). | Debian  |
-| **ubi-image-dos-plus**    | Builds a UBI-based image with NGINX Plus and the [NGINX App Protect DoS](/nginx-app-protect-dos/) module. | OpenShift |
-| **ubi-image-nap-dos-plus** | Builds a UBI-based image with NGINX Plus, [NGINX App Protect DoS](/nginx-app-protect-dos/), and [NGINX App Protect WAF](/nginx-app-protect/). | OpenShift |
+| **debian-image-dos-plus** | Builds a Debian-based image with NGINX Plus and the [F5 DoS for NGINX](/nginx-app-protect-dos/) module. | Debian  |
+| **debian-image-nap-dos-plus** | Builds a Debian-based image with NGINX Plus, [F5 DoS for NGINX](/nginx-app-protect-dos/), and [NGINX App Protect WAF](/nginx-app-protect/). | Debian  |
+| **ubi-image-dos-plus**    | Builds a UBI-based image with NGINX Plus and the [F5 DoS for NGINX](/nginx-app-protect-dos/) module. | OpenShift |
+| **ubi-image-nap-dos-plus** | Builds a UBI-based image with NGINX Plus, [F5 DoS for NGINX](/nginx-app-protect-dos/), and [NGINX App Protect WAF](/nginx-app-protect/). | OpenShift |
 {{</bootstrap-table>}}
 
 <br>
@@ -94,7 +94,7 @@ Follow these steps to build the NGINX Controller Image with NGINX App Protect Do
 
 ## Push the image to your private registry
 
-Once you've successfully built the NGINX Ingress Controller image with NGINX App Protect DoS, the next step is to upload it to your private Docker registry. This makes the image available for deployment to your Kubernetes cluster.
+Once you've successfully built the NGINX Ingress Controller image with F5 DoS for NGINX, the next step is to upload it to your private Docker registry. This makes the image available for deployment to your Kubernetes cluster.
 
 To upload the image, run the following command. If you're using a custom tag, add `TAG=your-tag` to the end of the command. Replace `<my-docker-registry>` with your private registry's path.
 
@@ -180,7 +180,7 @@ kubectl apply -f config/crd/bases/appprotectdos.f5.com_dosprotectedresources.yam
 
 ### Helm Chart
 
-The App Protect DoS Arbitrator can be installed using the [NGINX App Protect DoS Helm Chart](https://github.com/nginxinc/nap-dos-arbitrator-helm-chart).
+The App Protect DoS Arbitrator can be installed using the [F5 DoS for NGINX Helm Chart](https://github.com/nginxinc/nap-dos-arbitrator-helm-chart).
 If you have the NGINX Helm Repository already added, you can install the App Protect DoS Arbitrator by running the following command:
 
 ```shell
@@ -206,9 +206,9 @@ Alternatively, you can install the App Protect DoS Arbitrator using the YAML man
 
 ---
 
-## Enable NGINX App Protect DoS module
+## Enable F5 DoS for NGINX module
 
-To enable the NGINX App Protect DoS Module:
+To enable the F5 DoS for NGINX Module:
 
 - Add the `enable-app-protect-dos` [command-line argument]({{< ref "/nic/configuration/global-configuration/command-line-arguments.md#cmdoption-enable-app-protect-dos" >}}) to your Deployment or DaemonSet file.
 
diff --git a/content/nic/installation/integrations/app-protect-dos/troubleshoot-app-protect-dos.md b/content/nic/installation/integrations/app-protect-dos/troubleshoot-app-protect-dos.md
index 323c2d53e..4d23b1a44 100644
--- a/content/nic/installation/integrations/app-protect-dos/troubleshoot-app-protect-dos.md
+++ b/content/nic/installation/integrations/app-protect-dos/troubleshoot-app-protect-dos.md
@@ -1,5 +1,5 @@
 ---
-title: Troubleshoot NGINX App Protect DoS
+title: Troubleshoot F5 DoS for NGINX
 toc: true
 weight: 400
 nd-content-type: how-to
diff --git a/content/nic/installation/integrations/app-protect-waf-v5/installation.md b/content/nic/installation/integrations/app-protect-waf-v5/installation.md
index 207b8bc54..18a5478c8 100644
--- a/content/nic/installation/integrations/app-protect-waf-v5/installation.md
+++ b/content/nic/installation/integrations/app-protect-waf-v5/installation.md
@@ -92,7 +92,7 @@ Create Docker image for NGINX Ingress Controller (Alpine with NGINX Plus, NGINX
 | **alpine-image-nap-v5-plus-fips** | Builds a Alpine-based image with NGINX Plus and the [NGINX App Protect WAF v5](/nginx-app-protect-waf/v5/) module with FIPS. | Alpine  |
 | **debian-image-nap-v5-plus** | Builds a Debian-based image with NGINX Plus and the [NGINX App Protect WAF v5](/nginx-app-protect-waf/v5/) module. | Debian  |
 | **ubi-image-nap-v5-plus**    | Builds a UBI-based image with NGINX Plus and the [NGINX App Protect WAF v5](/nginx-app-protect-waf/v5/) module. | OpenShift |
-| **ubi-image-nap-dos-v5-plus** | Builds a UBI-based image with NGINX Plus, [NGINX App Protect WAF v5](/nginx-app-protect-waf/v5/), and [NGINX App Protect DoS](/nginx-app-protect-dos/). | OpenShift |
+| **ubi-image-nap-dos-v5-plus** | Builds a UBI-based image with NGINX Plus, [NGINX App Protect WAF v5](/nginx-app-protect-waf/v5/), and [F5 DoS for NGINX](/nginx-app-protect-dos/). | OpenShift |
 {{</bootstrap-table>}}
 
 <br>
@@ -479,7 +479,7 @@ Add `readOnlyRootFilesystem` to the `waf-enforcer` container and set value to `t
 
 ### Enable NGINX App Protect WAF module
 
-To enable the NGINX App Protect DoS Module:
+To enable the F5 DoS for NGINX Module:
 
 - Add the `enable-app-protect` [command-line argument]({{< ref "/nic/configuration/global-configuration/command-line-arguments.md#cmdoption-enable-app-protect" >}}) to your Deployment or DaemonSet file.
 
diff --git a/content/nic/installation/integrations/app-protect-waf/installation.md b/content/nic/installation/integrations/app-protect-waf/installation.md
index d149c3b1b..68664a214 100644
--- a/content/nic/installation/integrations/app-protect-waf/installation.md
+++ b/content/nic/installation/integrations/app-protect-waf/installation.md
@@ -56,7 +56,7 @@ Follow these steps to build the NGINX Controller Image with NGINX App Protect WA
     make <makefile target> PREFIX=<my-docker-registry>/nginx-plus-ingress TARGET=download
     ```
 
-    For example, to build a Debian-based image with NGINX Plus and NGINX App Protect DoS, run:
+    For example, to build a Debian-based image with NGINX Plus and F5 DoS for NGINX, run:
 
     ```shell
     make debian-image-dos-plus PREFIX=<my-docker-registry>/nginx-plus-ingress TARGET=download
@@ -72,9 +72,9 @@ Follow these steps to build the NGINX Controller Image with NGINX App Protect WA
 | Makefile Target           | Description                                                       | Compatible Systems  |
 |---------------------------|-------------------------------------------------------------------|---------------------|
 | **debian-image-nap-plus** | Builds a Debian-based image with NGINX Plus and the [NGINX App Protect WAF](/nginx-app-protect-waf/) module. | Debian  |
-| **debian-image-nap-dos-plus** | Builds a Debian-based image with NGINX Plus, [NGINX App Protect WAF](/nginx-app-protect-waf/), and [NGINX App Protect DoS](/nginx-app-protect-dos/) | Debian  |
+| **debian-image-nap-dos-plus** | Builds a Debian-based image with NGINX Plus, [NGINX App Protect WAF](/nginx-app-protect-waf/), and [F5 DoS for NGINX](/nginx-app-protect-dos/) | Debian  |
 | **ubi-image-nap-plus**    | Builds a UBI-based image with NGINX Plus and the [NGINX App Protect WAF](/nginx-app-protect-waf/) module. | OpenShift |
-| **ubi-image-nap-dos-plus** | Builds a UBNI-based image with NGINX Plus, [NGINX App Protect WAF](/nginx-app-protect-waf/), and [NGINX App Protect DoS](/nginx-app-protect-dos/). | OpenShift |
+| **ubi-image-nap-dos-plus** | Builds a UBNI-based image with NGINX Plus, [NGINX App Protect WAF](/nginx-app-protect-waf/), and [F5 DoS for NGINX](/nginx-app-protect-dos/). | OpenShift |
 {{</bootstrap-table>}}
 
 <br>
@@ -199,7 +199,7 @@ volumeMounts:
 
 ## Enable NGINX App Protect WAF module
 
-To enable the NGINX App Protect DoS Module:
+To enable the F5 DoS for NGINX Module:
 
 - Add the `enable-app-protect` [command-line argument]({{< ref "/nic/configuration/global-configuration/command-line-arguments.md#cmdoption-enable-app-protect" >}}) to your Deployment or DaemonSet file.
 
diff --git a/content/nic/installation/nic-images/registry-download.md b/content/nic/installation/nic-images/registry-download.md
index c37c00e05..5cc20429b 100644
--- a/content/nic/installation/nic-images/registry-download.md
+++ b/content/nic/installation/nic-images/registry-download.md
@@ -9,7 +9,7 @@ nd-docs: DOCS-605
 
 This page describes how to download an F5 NGINX Plus Ingress Controller image from the official F5 Docker registry.
 
-The F5 Registry images include versions with NGINX App Protect WAF and NGINX App Protect DoS.
+The F5 Registry images include versions with NGINX App Protect WAF and F5 DoS for NGINX.
 
 ## Before you begin
 
@@ -65,13 +65,13 @@ Replace `<version-tag>` with the specific version you need, for example, `{{< ni
    docker pull private-registry.nginx.com/nap/waf-enforcer:<waf-version-tag>
    ```
 
-- For NGINX Plus Ingress Controller with NGINX App Protect DoS, run:
+- For NGINX Plus Ingress Controller with F5 DoS for NGINX, run:
 
    ```shell
    docker pull private-registry.nginx.com/nginx-ic-dos/nginx-plus-ingress:<version-tag>
    ```
 
-- For NGINX Plus Ingress Controller with NGINX App Protect WAF and NGINX App Protect DoS, run:
+- For NGINX Plus Ingress Controller with NGINX App Protect WAF and F5 DoS for NGINX, run:
 
    ```shell
    docker pull private-registry.nginx.com/nginx-ic-nap-dos/nginx-plus-ingress:<version-tag>
@@ -166,7 +166,7 @@ After pulling the image, tag it and upload it to your private registry.
       docker push <my-docker-registry>/nap/waf-enforcer:<waf-version-tag>
       ```
 
-   - For NGINX Controller with NGINX App Protect DoS, run:
+   - For NGINX Controller with F5 DoS for NGINX, run:
 
       ```shell
       docker tag private-registry.nginx.com/nginx-ic-dos/nginx-plus-ingress:<version-tag> <my-docker-registry>/nginx-ic-dos/nginx-plus-ingress:<version-tag>
diff --git a/content/nic/logging-and-monitoring/status-page.md b/content/nic/logging-and-monitoring/status-page.md
index 8d7c42983..4cfda9d50 100644
--- a/content/nic/logging-and-monitoring/status-page.md
+++ b/content/nic/logging-and-monitoring/status-page.md
@@ -13,7 +13,7 @@ NGINX comes with a status page that reports basic metrics about NGINX called the
 
 NGINX Plus comes with a [dashboard]({{< ref "/nginx/admin-guide/monitoring/live-activity-monitoring.md" >}}) that reports key load-balancing and performance metrics.
 
-NGINX App Protect DoS comes with a [dashboard]({{< ref "/nap-dos/monitoring/live-activity-monitoring.md" >}}) that shows the status and information of the protected objects.
+F5 DoS for NGINX comes with a [dashboard]({{< ref "/nap-dos/monitoring/live-activity-monitoring.md" >}}) that shows the status and information of the protected objects.
 This doc shows how to get access to the stub status/dashboard.
 
 ## Accessing Stub Status
diff --git a/content/nic/releases.md b/content/nic/releases.md
index c84783b58..3b30b224a 100644
--- a/content/nic/releases.md
+++ b/content/nic/releases.md
@@ -1121,7 +1121,7 @@ We will provide technical support for NGINX Ingress Controller on any Kubernetes
 
 - Update NGINX Plus version to R28.
 - Update NGINX App Protect WAF version to 4.0.
-- Update NGINX App Protect DoS version to 3.1.
+- Update F5 DoS for NGINX version to 3.1.
 
 ### <i class="fa-solid fa-download"></i> Upgrade
 
@@ -1456,7 +1456,7 @@ We will provide technical support for NGINX Ingress Controller on any Kubernetes
 
 ### <i class="fa-solid fa-magnifying-glass"></i> Overview
 
-- Support for NGINX App Protect Denial of Service protection with NGINX Ingress Controller. More information about [NGINX App Protect DoS](https://www.nginx.com/products/nginx-app-protect/denial-of-service/). Examples for configuring NGINX App Protect DoS with NGINX Ingress Controller can be found [here](https://github.com/nginx/kubernetes-ingress/tree/v2.1.1/examples/appprotect-dos).
+- Support for NGINX App Protect Denial of Service protection with NGINX Ingress Controller. More information about [F5 DoS for NGINX](https://www.nginx.com/products/nginx-app-protect/denial-of-service/). Examples for configuring F5 DoS for NGINX with NGINX Ingress Controller can be found [here](https://github.com/nginx/kubernetes-ingress/tree/v2.1.1/examples/appprotect-dos).
 
 - Full support for gRPC services using the NGINX Ingress Controller [VirtualServer and VirtualServerRoute]({{< ref "/nic/configuration/virtualserver-and-virtualserverroute-resources.md" >}}) custom resource definitions.  This makes configuring and supporting gRPC services much easier, giving a simple YAML configuration and removing the need for snippets. Resource definition examples for gRPC can be found [here](https://github.com/nginx/kubernetes-ingress/tree/v2.1.1/examples/custom-resources/grpc-upstreams).
 
@@ -1468,7 +1468,7 @@ More about the [NGINX Plus mandatory and persistent health check features]({{< r
 ### <i class="fa-solid fa-rocket"></i> Features
 
 - [2251](https://github.com/nginx/kubernetes-ingress/pull/2251) Enable setting mandatory and persistent in upstream healthchecks in VS and VSR.
-- [2241](https://github.com/nginx/kubernetes-ingress/pull/2241) Add support for NGINX App Protect DoS.
+- [2241](https://github.com/nginx/kubernetes-ingress/pull/2241) Add support for F5 DoS for NGINX.
 - [2200](https://github.com/nginx/kubernetes-ingress/pull/2200) Add Alpine image with OpenTracing.
 - [2178](https://github.com/nginx/kubernetes-ingress/pull/2178) Support healthchecks in gRPC upstreams.
 - [2110](https://github.com/nginx/kubernetes-ingress/pull/2110) Support gRPC in the Upstreams of the virtual server resources. Particular thanks to [Chiyu Zhong](https://github.com/CatTail) for all their work.
diff --git a/content/nic/technical-specifications.md b/content/nic/technical-specifications.md
index b493ac7e3..fa9f9f08b 100644
--- a/content/nic/technical-specifications.md
+++ b/content/nic/technical-specifications.md
@@ -74,12 +74,12 @@ NGINX Plus images are available through the F5 Container registry `private-regis
 |Debian-based image | ``debian:12-slim`` | NJS (NGINX JavaScript)<br>OpenTelemetry | `nginx-ic/nginx-plus-ingress:{{< nic-version >}}` | arm64<br>amd64 |
 |Debian-based image with NGINX App Protect WAF | ``debian:12-slim`` | NGINX App Protect WAF<br>NJS (NGINX JavaScript)<br>OpenTelemetry | `nginx-ic-nap/nginx-plus-ingress:{{< nic-version >}}` | amd64 |
 |Debian-based image with NGINX App Protect WAF v5 | ``debian:12-slim`` | NGINX App Protect WAF v5<br>NJS (NGINX JavaScript)<br>OpenTelemetry | `nginx-ic-nap-v5/nginx-plus-ingress:{{< nic-version >}}` | amd64 |
-|Debian-based image with NGINX App Protect DoS | ``debian:12-slim`` | NGINX App Protect DoS<br>NJS (NGINX JavaScript)<br>OpenTelemetry | `nginx-ic-dos/nginx-plus-ingress:{{< nic-version >}}` | amd64 |
+|Debian-based image with F5 DoS for NGINX | ``debian:12-slim`` | F5 DoS for NGINX<br>NJS (NGINX JavaScript)<br>OpenTelemetry | `nginx-ic-dos/nginx-plus-ingress:{{< nic-version >}}` | amd64 |
 |Debian-based image with NGINX App Protect WAF and DoS | ``debian:12-slim`` | NGINX App Protect WAF and DoS<br>NJS (NGINX JavaScript)<br>OpenTelemetry | `nginx-ic-nap-dos/nginx-plus-ingress:{{< nic-version >}}` | amd64 |
 |Ubi-based image | ``redhat/ubi9-minimal`` | NJS (NGINX JavaScript)<br>OpenTelemetry | `nginx-ic/nginx-plus-ingress:{{< nic-version >}}-ubi` | arm64<br>amd64 |
 |Ubi-based image with NGINX App Protect WAF | ``redhat/ubi9`` | NGINX App Protect WAF<br>NJS (NGINX JavaScript)<br>OpenTelemetry | `nginx-ic-nap/nginx-plus-ingress:{{< nic-version >}}-ubi` | amd64 |
 |Ubi-based image with NGINX App Protect WAF v5 | ``redhat/ubi9`` | NGINX App Protect WAF v5<br>NJS (NGINX JavaScript)<br>OpenTelemetry | `nginx-ic-nap-v5/nginx-plus-ingress:{{< nic-version >}}-ubi` | amd64 |
-|Ubi-based image with NGINX App Protect DoS | ``redhat/ubi8`` | NGINX App Protect DoS<br>NJS (NGINX JavaScript)<br>OpenTelemetry | `nginx-ic-dos/nginx-plus-ingress:{{< nic-version >}}-ubi` | amd64 |
+|Ubi-based image with F5 DoS for NGINX | ``redhat/ubi8`` | F5 DoS for NGINX<br>NJS (NGINX JavaScript)<br>OpenTelemetry | `nginx-ic-dos/nginx-plus-ingress:{{< nic-version >}}-ubi` | amd64 |
 |Ubi-based image with NGINX App Protect WAF and DoS | ``redhat/ubi8`` | NGINX App Protect WAF and DoS<br>NJS (NGINX JavaScript)<br>OpenTelemetry | `nginx-ic-nap-dos/nginx-plus-ingress:{{< nic-version >}}-ubi` | amd64 |
 {{% /bootstrap-table %}}
 
diff --git a/content/nim/_index.md b/content/nim/_index.md
index c46d14a2e..74cbc7561 100644
--- a/content/nim/_index.md
+++ b/content/nim/_index.md
@@ -110,7 +110,7 @@ NGINX Instance Manager is part of NGINX One, which includes [NGINX One component
     {{< card title="NGINX App Protect WAF" titleUrl="/nginx-app-protect-waf" brandIcon="NGINX-App-Protect-WAF-product-icon.png">}}
       Lightweight, high-performance, advanced protection against Layer 7 attacks on your apps and APIs.
     {{</ card >}}
-    {{< card title="NGINX App Protect DoS" titleUrl="/nginx-app-protect-dos" brandIcon="NGINX-App-Protect-DoS-product-icon.png">}}
+    {{< card title="F5 DoS for NGINX" titleUrl="/nginx-app-protect-dos" brandIcon="NGINX-App-Protect-DoS-product-icon.png">}}
       Defend, adapt, and mitigate against Layer 7 denial-of-service attacks on your apps and APIs.
     {{</ card >}}
   {{</ card-section >}}
diff --git a/content/solutions/about-subscription-licenses.md b/content/solutions/about-subscription-licenses.md
index 8aba61588..0faf57e5b 100644
--- a/content/solutions/about-subscription-licenses.md
+++ b/content/solutions/about-subscription-licenses.md
@@ -207,9 +207,9 @@ For details on installing or upgrading NGINX App Protect WAF, visit the guide fo
 - [NGINX App Protect WAF v4 installation guide]({{< ref "/nap-waf/v4/admin-guide/install.md" >}})
 - [NGINX App Protect WAF v5 installation guide]({{< ref "/nap-waf/v5/admin-guide/install.md" >}})
 
-### NGINX App Protect DoS
+### F5 DoS for NGINX
 
-For detailed instructions on installing or upgrading NGINX App Protect DoS, visit the [NGINX App Protect DoS installation guide]({{< ref "/nap-dos/deployment-guide/learn-about-deployment.md" >}}).
+For detailed instructions on installing or upgrading F5 DoS for NGINX, visit the [F5 DoS for NGINX installation guide]({{< ref "/nap-dos/deployment-guide/learn-about-deployment.md" >}}).
 
 ## Watch instructional videos
 
diff --git a/content/waf/_index.md b/content/waf/_index.md
new file mode 100644
index 000000000..36f6fdaf2
--- /dev/null
+++ b/content/waf/_index.md
@@ -0,0 +1,39 @@
+---
+# The title is the product name
+title: "F5 WAF for NGINX"
+# The URL is the base of the deployed path, becoming "docs.nginx.com/<url>/<other-pages>"
+url: /waf/
+# The cascade directive applies its nested parameters down the page tree until overwritten
+cascade:
+  # The logo file is resolved from the theme, in the folder /static/images/icons/
+  logo: NGINX-App-Protect-WAF-product-icon.svg
+# The subtitle displays directly underneath the heading of a given page
+nd-subtitle: A lightweight, high-performance web application firewall for protecting APIs and applications
+# Indicates that this is a custom landing page
+nd-landing-page: true
+# Types have a 1:1 relationship with Hugo archetypes, so you shouldn't need to change this
+nd-content-type: landing-page
+# Intended for internal catalogue and search, case sensitive:
+# Agent, N4Azure, NIC, NIM, NGF, NAP-DOS, NAP-WAF, NGINX One, NGINX+, Solutions, Unit
+nd-product: NAP-WAF
+---
+
+## About
+
+Defend your applications and APIs with a software security solution that seamlessly integrates into DevOps environments as a lightweight web application firewall (WAF), layer 7 denial-of-service (DoS) protection, bot protection, API security, and threat intelligence services.
+
+## Featured content
+
+{{<card-layout>}}
+  {{<card-section showAsCards="true" isFeaturedSection="true">}}
+  {{<card title="Overview" titleUrl="/waf/fundamentals/overview">}}
+      Learn about how F5 WAF for NGINX works and how it can be used to protect your applications
+    {{</card>}}
+    {{<card title="Install F5 WAF for NGINX" titleUrl="/waf/install" >}}
+      Explore the methods available to deploy F5 WAF for NGINX in your environment
+    {{</card>}}
+    {{<card title="Changelog" titleUrl="/waf/changelog" icon="clock-alert">}}
+      Review the latest changes and improvements to F5 WAF for NGINX
+    {{</card>}}
+  {{</card-section>}}
+{{</card-layout>}}
diff --git a/content/waf/changelog.md b/content/waf/changelog.md
new file mode 100644
index 000000000..e8ffa95de
--- /dev/null
+++ b/content/waf/changelog.md
@@ -0,0 +1,159 @@
+---
+# We use sentence case and present imperative tone
+title: "Changelog"
+# Weights are assigned in increments of 100: determines sorting order
+weight: 800
+# Creates a table of contents and sidebar, useful for large documents
+toc: true
+# Types have a 1:1 relationship with Hugo archetypes, so you shouldn't need to change this
+nd-content-type: reference
+# Intended for internal catalogue and search, case sensitive:
+# Agent, N4Azure, NIC, NIM, NGF, NAP-DOS, NAP-WAF, NGINX One, NGINX+, Solutions, Unit
+nd-product: NAP-WAF
+---
+
+{{< call-out "warning" "Information architecture note" >}}
+
+The design intention for this page is to act as a single reference point for changes between each release. "Changelog" is the term being adopted across the entire NGINX product ecosystem.
+
+Since both versions of NGINX App Protect WAF are released at the same time, they can be stored in the same note. Change items for only one specific version are explicitly annotated when necessary.
+
+Updating the content of this page will likely be automated in the future, following some procedural changes to how tickets are managed within JIRA.
+
+{{</ call-out>}}
+
+This changelog lists all of the information for F5 WAF for NGINX releases in 2025.
+
+For older releases, check the changelogs for previous years: [2024](), [2023]().
+
+## NGINX App Protect WAF 5.7 / 4.15
+
+### New features
+
+- Added support for Rocky Linux 9
+- Added support for IP Intelligence
+- Added support for Override rules for IP Address Lists
+
+### Important notes
+
+- Ubuntu 20.04 is no longer supported
+- (12447) Upgrade libk5crypto3 package
+- (12520) Upgrade Go compiler to 1.23.8
+
+### Resolved issues
+
+- (12527) Remove CPAN - installed certs and source files
+- (11112) Remove systemd/init.d leftovers in NAP WAF v5 pkgs
+- (12400) Cookie attributes are not added to a TS cookie when there is more than one TS cookie
+- (12498) Undefined behavior when using huge XFF
+- (12731) Multiple clean_resp_reset internal error messages in logs when loading NAP
+
+### 5.7 packages
+
+#### NGINX Open Source
+
+| Distribution name        | Package file                                                      |
+|--------------------------|-------------------------------------------------------------------|
+| Alpine 3.19              | _app-protect-module-oss-1.27.4+5.442.0-r1.apk_                    |
+| Amazon Linux 2023        | _app-protect-module-oss-1.27.4+5.442.0-1.amzn2023.ngx.x86_64.rpm_ |
+| Debian 11                | _app-protect-module-oss_1.27.4+5.442.0-1\~bullseye_amd64.deb_     |
+| Debian 12                | _app-protect-module-oss_1.27.4+5.442.0-1\~bookworm_amd64.deb_     |
+| Oracle Linux 8.1         | _app-protect-module-oss-1.27.4+5.442.0-1.el8.ngx.x86_64.rpm_      |
+| Ubuntu 22.04             | _app-protect-module-oss_1.27.4+5.442.0-1\~jammy_amd64.deb_        |
+| Ubuntu 24.04             | _app-protect-module-oss_1.27.4+5.442.0-1\~noble_amd64.deb_        |
+| RHEL 8 and Rocky Linux 8 | _app-protect-module-oss-1.27.4+5.442.0-1.el8.ngx.x86_64.rpm_      |
+| RHEL 9 and Rocky Linux 9 | _app-protect-module-oss-1.27.4+5.442.0-1.el9.ngx.x86_64.rpm_      |
+
+#### NGINX Plus
+
+| Distribution name        | Package file                                                   |
+|--------------------------|----------------------------------------------------------------|
+| Alpine 3.19              | _app-protect-module-plus-34+5.442.0-r1.apk_                    |
+| Amazon Linux 2023        | _app-protect-module-plus-34+5.442.0-1.amzn2023.ngx.x86_64.rpm_ |
+| Debian 11                | _app-protect-module-plus_34+5.442.0-1\~bullseye_amd64.deb_     |
+| Debian 12                | _app-protect-module-plus_34+5.442.0-1\~bookworm_amd64.deb_     |
+| Oracle Linux 8.1         | _app-protect-module-plus-34+5.442.0-1.el8.ngx.x86_64.rpm_      |
+| Ubuntu 22.04             | _app-protect-module-plus_34+5.442.0-1\~jammy_amd64.deb_        |
+| Ubuntu 24.04             | _app-protect-module-plus_34+5.442.0-1\~noble_amd64.deb_        |
+| RHEL 8 and Rocky Linux 8 | _app-protect-module-plus-34+5.442.0-1.el8.ngx.x86_64.rpm_      |
+| RHEL 9 and Rocky Linux 9 | _app-protect-module-plus-34+5.442.0-1.el9.ngx.x86_64.rpm_      |
+
+### 4.15 packages
+
+| Distribution name        | Package file                                       |
+|--------------------------|----------------------------------------------------|
+| Alpine 3.19              | _app-protect-34.5.442.0-r1.apk_                    |
+| Amazon Linux 2023        | _app-protect-34+5.442.0-1.amzn2023.ngx.x86_64.rpm_ |
+| Debian 11                | _app-protect_34+5.442.0-1\~bullseye_amd64.deb_     |
+| Debian 12                | _app-protect_34+5.442.0-1\~bookworm_amd64.deb_     |
+| Oracle Linux 8.1         | _app-protect-34+5.442.0-1.el8.ngx.x86_64.rpm_      |
+| Ubuntu 22.04             | _app-protect_34+5.442.0-1\~jammy_amd64.deb_        |
+| Ubuntu 24.04             | _app-protect_34+5.442.0-1\~noble_amd64.deb_        |
+| RHEL 8 and Rocky Linux 8 | _app-protect-34+5.442.0-1.el8.ngx.x86_64.rpm_      |
+| RHEL 9 and Rocky Linux 9 | _app-protect-34+5.442.0-1.el9.ngx.x86_64.rpm_      |
+
+## NGINX App Protect WAF 5.6 / 4.14
+
+### New features
+
+- Added support for NGINX Plus R34
+- **5.6 Only:** You can now [deploy NGINX App Protect WAF 5+ using a Helm chart]({{< ref "/nap-waf/v5/admin-guide/deploy-with-helm.md">}})
+
+### Important notes
+
+- Alpine 3.17 is no longer supported
+
+### Resolved issues
+
+- Upgraded the Go compiler to 1.23.7
+- (12140) Changed the maximum memory of the XML processing engine to 8GB
+- (12254) A modified YAML file referenced by a JSON policy file causes a reload error when running `nginx -t`
+- (12296) "Violation Bad Unescape" is not enabled by default
+- (12297) "Violation Encoding" is not enabled by default
+
+### 5.6 packages
+
+#### NGINX Open Source
+
+| Distribution name        | Package file                                                      |
+|--------------------------|-------------------------------------------------------------------|
+| Alpine 3.19              | _app-protect-module-oss-1.27.4+5.342.0-r1.apk_                    |
+| Amazon Linux 2023        | _app-protect-module-oss-1.27.4+5.342.0-1.amzn2023.ngx.x86_64.rpm_ |
+| Debian 11                | _app-protect-module-oss_1.27.4+5.342.0-1\~bullseye_amd64.deb_     |
+| Debian 12                | _app-protect-module-oss_1.27.4+5.342.0-1\~bookworm_amd64.deb_     |
+| Oracle Linux 8.1         | _app-protect-module-oss-1.27.4+5.342.0-1.el8.ngx.x86_64.rpm_      |
+| Ubuntu 20.04             | _app-protect-module-oss_1.27.4+5.342.0-1\~focal_amd64.deb_        |
+| Ubuntu 22.04             | _app-protect-module-oss_1.27.4+5.342.0-1\~jammy_amd64.deb_        |
+| Ubuntu 24.04             | _app-protect-module-oss_1.27.4+5.342.0-1\~noble_amd64.deb_        |
+| RHEL 8 and Rocky Linux 8 | _app-protect-module-oss-1.27.4+5.342.0-1.el8.ngx.x86_64.rpm_      |
+| RHEL 9                   | _app-protect-module-oss-1.27.4+5.342.0-1.el9.ngx.x86_64.rpm_      |
+
+#### NGINX Plus
+
+| Distribution name        | Package file                                                   |
+|--------------------------|----------------------------------------------------------------|
+| Alpine 3.19              | _app-protect-module-plus-34+5.342.0-r1.apk_                    |
+| Amazon Linux 2023        | _app-protect-module-plus-34+5.342.0-1.amzn2023.ngx.x86_64.rpm_ |
+| Debian 11                | _app-protect-module-plus_34+5.342.0-1\~bullseye_amd64.deb_     |
+| Debian 12                | _app-protect-module-plus_34+5.342.0-1\~bookworm_amd64.deb_     |
+| Oracle Linux 8.1         | _app-protect-module-plus-34+5.342.0-1.el8.ngx.x86_64.rpm_      |
+| Ubuntu 20.04             | _app-protect-module-plus_34+5.342.0-1\~focal_amd64.deb_        |
+| Ubuntu 22.04             | _app-protect-module-plus_34+5.342.0-1\~jammy_amd64.deb_        |
+| Ubuntu 24.04             | _app-protect-module-plus_34+5.342.0-1\~noble_amd64.deb_        |
+| RHEL 8 and Rocky Linux 8 | _app-protect-module-plus-34+5.342.0-1.el8.ngx.x86_64.rpm_      |
+| RHEL 9                   | _app-protect-module-plus-34+5.342.0-1.el9.ngx.x86_64.rpm_      |
+
+### 4.14 packages
+
+| Distribution name        | Package file                                       |
+|--------------------------|----------------------------------------------------|
+| Alpine 3.19              | _app-protect-34.5.342.0-r1.apk_                    |
+| Amazon Linux 2023        | _app-protect-34+5.342.0-1.amzn2023.ngx.x86_64.rpm_ |
+| Debian 11                | _app-protect_34+5.342.0-1\~bullseye_amd64.deb_     |
+| Debian 12                | _app-protect_34+5.342.0-1\~bookworm_amd64.deb_     |
+| Oracle Linux 8.1         | _app-protect-34+5.342.0-1.el8.ngx.x86_64.rpm_      |
+| Ubuntu 20.04             | _app-protect_34+5.342.0-1\~focal_amd64.deb_        |
+| Ubuntu 22.04             | _app-protect_34+5.342.0-1\~jammy_amd64.deb_        |
+| Ubuntu 24.04             | _app-protect_34+5.342.0-1\~noble_amd64.deb_        |
+| RHEL 8 and Rocky Linux 8 | _app-protect-34+5.342.0-1.el8.ngx.x86_64.rpm_      |
+| RHEL 9                   | _app-protect-34+5.342.0-1.el9.ngx.x86_64.rpm_      |
\ No newline at end of file
diff --git a/content/waf/features/_index.md b/content/waf/features/_index.md
new file mode 100644
index 000000000..05cb5a884
--- /dev/null
+++ b/content/waf/features/_index.md
@@ -0,0 +1,6 @@
+---
+title: "Features"
+url: /app-protect-waf/features/
+weight: 700
+draft: true
+---
\ No newline at end of file
diff --git a/content/waf/fundamentals/_index.md b/content/waf/fundamentals/_index.md
new file mode 100644
index 000000000..ed0e1f6a7
--- /dev/null
+++ b/content/waf/fundamentals/_index.md
@@ -0,0 +1,5 @@
+---
+title: "Fundamentals"
+url: /app-protect-waf/fundamentals/
+weight: 100
+---
\ No newline at end of file
diff --git a/content/waf/fundamentals/overview.md b/content/waf/fundamentals/overview.md
new file mode 100644
index 000000000..c0839cae4
--- /dev/null
+++ b/content/waf/fundamentals/overview.md
@@ -0,0 +1,38 @@
+---
+# We use sentence case and present imperative tone
+title: "Overview"
+# Weights are assigned in increments of 100: determines sorting order
+weight: 100
+# Creates a table of contents and sidebar, useful for large documents
+toc: false
+# Types have a 1:1 relationship with Hugo archetypes, so you shouldn't need to change this
+nd-content-type: how-to
+# Intended for internal catalogue and search, case sensitive:
+# Agent, N4Azure, NIC, NIM, NGF, NAP-DOS, NAP-WAF, NGINX One, NGINX+, Solutions, Unit
+nd-product: NAP-WAF
+---
+
+{{< call-out "warning" "Information architecture note" >}}
+
+The design intention for this page is to describing what NGINX App Protect is, expanding on the detail from the [landing page]({{< ref "/waf/" >}}).
+
+It is also an opportunity to explain the difference between NGINX App Protect versions, and how integrates with other products in the NGINX ecosystem.
+
+The text here will likely be synthesized from the Overview descriptions at the top of the [Administration Guides]({{< ref "/nap-waf/v4/admin-guide/install.md#overview" >}}), but there's also detail from [F5.com](https://www.f5.com/products/nginx/nginx-app-protect) that can be added.
+
+{{< /call-out >}}
+
+[F5 WAF for NGINX](https://www.f5.com/products/nginx/nginx-app-protect) is an advanced, lightweight and high-performance web application firewall (WAF) for applications and APIs. 
+
+It provides protection for the OWASP Top 10, with additional functionality:
+
+- HTTP response inspection and protocol compliance
+- Data schema validation (JSON & XML)
+- Meta character checking
+- Disallowing file types
+
+For more details, see the [Supported security policy features]({{< ref "/waf/fundamentals/technical-specifications.md#supported-security-policy-features">}}).
+
+F5 WAF for NGINX is part of the [NGINX One](https://www.f5.com/products/nginx/one) premium packages and runs natively on [NGINX Plus](https://www.f5.com/products/nginx/nginx-plus) and [NGINX Ingress Controller](https://www.f5.com/products/nginx/nginx-ingress-controller). 
+
+It is platform-agnostic and supports deployment options ranging from edge load balancers to individual pods in Kubernetes clusters.
diff --git a/content/waf/fundamentals/technical-specifications.md b/content/waf/fundamentals/technical-specifications.md
new file mode 100644
index 000000000..97e2abbc7
--- /dev/null
+++ b/content/waf/fundamentals/technical-specifications.md
@@ -0,0 +1,83 @@
+---
+# We use sentence case and present imperative tone
+title: "Technical specifications"
+# Weights are assigned in increments of 100: determines sorting order
+weight: 200
+# Creates a table of contents and sidebar, useful for large documents
+toc: true
+# Types have a 1:1 relationship with Hugo archetypes, so you shouldn't need to change this
+nd-content-type: reference
+# Intended for internal catalogue and search, case sensitive:
+# Agent, N4Azure, NIC, NIM, NGF, NAP-DOS, NAP-WAF, NGINX One, NGINX+, Solutions, Unit
+nd-product: NAP-WAF
+---
+
+{{< call-out "warning" "Information architecture note" >}}
+
+The design intention for this page is to act as a single source of truth for supported operating systems and version compatibility.
+
+It follows a design pattern set by other NGINX product sets, showing various compatibility matrices:
+
+- [NGINX Plus]({{< ref "/nginx/technical-specs.md" >}})
+- [NGINX Instance Manager]({{< ref "/nim/fundamentals/tech-specs.md" >}})
+- [NGINX Ingress Controller]({{< ref "/nic/technical-specifications.md" >}})
+
+It is also where information about the [Supported Security Policy Features]({{< ref "/nap-waf/v4/configuration-guide/configuration.md#supported-security-policy-features" >}}) could be referenced, though most of that detail will instead be kept in the new top-level "Policies" section.
+
+{{</ call-out>}}
+
+This page outlines the technical specifications for F5 WAF for NGINX, which includes the minimum requirements and supported platforms.
+
+## Supported deployment environments
+
+You can deploy F5 WAF for NGINX in the following environments:
+
+- **Virtual environment** (or bare metal)
+- **Container** (Docker)
+- **Kubernetes**
+
+View the [Install section]({{< ref "/waf/install/" >}}) for information on deploying F5 WAF for NGINX.
+
+## Supported operating systems
+
+| Distribution       | Version      |
+| ------------------ | ------------ |
+| Alpine Linux       | 3.19         |
+| Amazon Linux       | 2023         |
+| Debian             | 11, 12       |
+| Oracle Linux       | 8.1          |
+| Ubuntu             | 22.04, 24.04 |
+| RHEL / Rocky Linux | 8, 9         |
+
+For release-specific packages, view the [Changelog]({{< ref "/waf/changelog.md" >}}).
+
+
+### Package dependencies
+
+The F5 WAF for NGINX package has the following dependencies:
+
+| Module name                                | Description |
+| ------------------------------------------ | ----------- |
+| nginx-plus-module-appprotect               | NGINX Plus dynamic module for F5 WAF for NGINX |
+| app-protect-engine                         | The F5 WAF for NGINX enforcement engine        |
+| app-protect-plugin                         | The F5 WAF for NGINX connector API between the engine and the NGINX Plus dynamic module |
+| app-protect-compiler                       | The F5 WAF for NGINX enforcement engine compiler agent |
+| app-protect-common                         | The F5 WAF for NGINX shared libraries package | 
+| app-protect-geoip                          | The F5 WAF for NGINX geolocation update package |
+| app-protect-graphql                        | The F5 WAF for NGINX shared library package for GraphQL protection |
+| app-protect-attack-signatures              | The F5 WAF for NGINX attack signatures update package |
+| app-protect-threat-campaigns               | The F5 WAF for NGINX threat campaigns update package |
+| app-protect-bot-signatures                 | The F5 WAF for NGINX bot signatures update package |
+| app-protect-selinux (**1**)                | The prebuilt SELinux policy module for F5 WAF for NGINX |
+| app-protect-ip-intelligence (**1**, **2**) | Necessary for the IP intelligence feature |
+
+1. _Optional dependencies_
+2. _This package needs to be installed separately, and includes a client for downloading and updating the feature's database_
+
+## Supported security policy features
+
+The following security policy features are available with F5 WAF for NGINX.
+
+The names link to additional information in the [Configure policies]({{< ref "/waf/policies/configuration.md" >}}) topic.
+
+{{< include "waf/supported-policy-features.md" >}}
\ No newline at end of file
diff --git a/content/waf/fundamentals/terminology.md b/content/waf/fundamentals/terminology.md
new file mode 100644
index 000000000..3e54e1af8
--- /dev/null
+++ b/content/waf/fundamentals/terminology.md
@@ -0,0 +1,46 @@
+---
+# We use sentence case and present imperative tone
+title: "Terminology"
+# Weights are assigned in increments of 100: determines sorting order
+weight: 300
+# Creates a table of contents and sidebar, useful for large documents
+toc: false
+# Types have a 1:1 relationship with Hugo archetypes, so you shouldn't need to change this
+nd-content-type: reference
+# Intended for internal catalogue and search, case sensitive:
+# Agent, N4Azure, NIC, NIM, NGF, NAP-DOS, NAP-WAF, NGINX One, NGINX+, Solutions, Unit
+nd-product: NAP-WAF
+---
+
+This page defines terminology used when describing functionality of F5 WAF for NGINX.
+
+It assumes you are familiar with various layer 7 (L7) hypertext transfer protocol (HTTP) concepts such as:
+
+- Uniform Resource Identifier (URI)
+- Uniform Resource Location (URL)
+- HTTP methods and status codes
+- HTTP headings, requests, responses, and parameters
+- Cookies
+
+## Terms and definitions
+
+|Term | Definition |
+| ---| --- |
+| Alarm | If selected, the F5 WAF for NGINX system records requests that trigger the violation in the remote log (depending on the settings of the logging profile). |
+| Attack signature | Textual patterns which can be applied to HTTP requests and/or responses by F5 WAF for NGINX to determine if traffic is malicious. For example, the string `<script>` inside an HTTP request triggers an attack signature violation. |
+| Attack signature set | A collection of attack signatures designed for a specific purpose (such as Apache). |
+| Bot signatures | Textual patterns which can be applied to an HTTP request's User Agent or URI by F5 WAF for NGINX to determine if traffic is coming from a browser or a bot (trusted, untrusted or malicious). For example, the string `googlebot` inside the User-Agent header will be classified as `trusted bot`, and the string `Bichoo Spider` will be classified as `malicious bot`. |
+| Block | To prevent a request from reaching a protected web application. If selected (and enforcement mode is set to Blocking), F5 WAF for NGINX blocks requests that trigger the violation. |
+| Blocking response page | A blocking response page is displayed to a client when a request from that client has been blocked. Also called blocking page and response page. |
+| Enforcement mode | Security policies can be in one of two enforcement modes:<ul><li>**Transparent mode** In Transparent mode, Blocking is disabled for the security policy. Traffic is not blocked even if a violation is triggered with block flag enabled. You can use this mode when you first put a security policy into effect to make sure that no false positives occur that would stop legitimate traffic.</li><li>**Blocking mode** In Blocking mode, Blocking is enabled for the security policy, and you can enable or disable the Block setting for individual violations. Traffic is blocked when a violation occurs if you configure the system to block that type of violation. You can use this mode when you are ready to enforce the security policy. You can change the enforcement mode for a security policy in the security policy JSON file.</li></ul> |
+| Entities | The elements of a security policy, such as HTTP methods, as well as file types, URLs, and/or parameters, which have attributes such as byte length. Also refers to elements of a security policy for which enforcement can be turned on or off, such as an attack signature. |
+| False positive | An instance when F5 WAF for NGINX treats a legitimate request as a violation. |
+| File types | Examples of file types are .php, .asp, .gif, and .txt. They are the extensions for many objects that make up a web application. File Types are one type of entity a F5 WAF for NGINX policy contains. |
+| Illegal request | A request which violates a security policy |
+| Legal request | A request which has not violated the security policy. |
+| Loosening | The process of adapting a security policy to allow specific entities such as File Types, URLs, and Parameters. The term also applies to attack signatures, which can be manually disabled — effectively removing the signature from triggering any violations. |
+| Parameters | Parameters consist of "name=value" pairs, such as OrderID=10. The parameters appear in the query string and/or POST data of an HTTP request. Consequently, they are of particular interest to F5 WAF for NGINX because they represent inputs to the web application. |
+| TPS/RPS | Transactions per second (TPS)/requests per second (RPS). In F5 WAF for NGINX, these terms are used interchangeably. |
+| Tuning | Making manual changes to an existing security policy to reduce false positives and increase the policy’s security level. |
+| URI/URL | The Uniform Resource Identifier (URI) specifies the name of a web object in a request. A Uniform Resource Locator (URL) specifies the location of an object on the Internet. For example, in the web address, `http://www.siterequest.com/index.html`, index.html is the URI, and the URL is `http://www.siterequest.com/index.html`. In F5 WAF for NGINX, the terms URI and URL are used interchangeably. |
+| Violation | Violations occur when some aspect of a request or response does not comply with the security policy. You can configure the blocking settings for any violation in a security policy. When a violation occurs, the system can Alarm or Block a request (blocking is only available when the enforcement mode is set to Blocking). |
\ No newline at end of file
diff --git a/content/waf/install/_index.md b/content/waf/install/_index.md
new file mode 100644
index 000000000..0776e1afb
--- /dev/null
+++ b/content/waf/install/_index.md
@@ -0,0 +1,5 @@
+---
+title: "Install"
+url: /app-protect-waf/install/
+weight: 200
+---
\ No newline at end of file
diff --git a/content/waf/install/disconnected-environment.md b/content/waf/install/disconnected-environment.md
new file mode 100644
index 000000000..a63b26db7
--- /dev/null
+++ b/content/waf/install/disconnected-environment.md
@@ -0,0 +1,27 @@
+---
+# We use sentence case and present imperative tone
+title: "Deploy F5 WAF for NGINX in a disconnected environment"
+# Weights are assigned in increments of 100: determines sorting order
+weight: 400
+# Creates a table of contents and sidebar, useful for large documents
+draft: true
+toc: false
+# Types have a 1:1 relationship with Hugo archetypes, so you shouldn't need to change this
+nd-content-type: how-to
+# Intended for internal catalogue and search, case sensitive:
+# Agent, N4Azure, NIC, NIM, NGF, NAP-DOS, NAP-WAF, NGINX One, NGINX+, Solutions, Unit
+nd-product: NAP-WAF
+---
+
+{{< call-out "warning" "Information architecture note" >}}
+
+The term _disconnected environment_ has become the more commmon synonym for an air-gapped or offline installation. It follows the precedent set by NGINX Instance Manager: [Deploy in a disconnected environment -> Install the latest NGINX Instance Manager with a script (disconnected)]({{< ref "/nim/disconnected/offline-install-guide.md" >}}).
+
+The design intention for this page is as a standalone page for the operating system specific installation use cases:
+
+- [v4]({{< ref "/nap-waf/v4/admin-guide/install.md#offline-installation" >}})
+- [v5]({{< ref "/nap-waf/v5/admin-guide/install.md#air-gap-install-secure-offline-installation" >}})
+
+Instead of having separate top level folders, differences between v4 and v5 will be denoted with whole page sections, tabs, or other unique signifiers.
+
+{{</ call-out>}}
\ No newline at end of file
diff --git a/content/waf/install/oss/_index.md b/content/waf/install/oss/_index.md
new file mode 100644
index 000000000..2e99b3881
--- /dev/null
+++ b/content/waf/install/oss/_index.md
@@ -0,0 +1,10 @@
+---
+title: "NGINX Open Source"
+url: /app-protect-waf/install/oss
+cascade: 
+  nd-banner:
+    enabled: true
+    start-date: 2025-08-01
+    md: /_banners/waf-oss-usage.md
+weight: 200
+---
\ No newline at end of file
diff --git a/content/waf/install/oss/docker.md b/content/waf/install/oss/docker.md
new file mode 100644
index 000000000..c01c04620
--- /dev/null
+++ b/content/waf/install/oss/docker.md
@@ -0,0 +1,30 @@
+---
+# We use sentence case and present imperative tone
+title: "Docker"
+# Weights are assigned in increments of 100: determines sorting order
+weight: 200
+# Creates a table of contents and sidebar, useful for large documents
+toc: false
+# Types have a 1:1 relationship with Hugo archetypes, so you shouldn't need to change this
+nd-content-type: how-to
+# Intended for internal catalogue and search, case sensitive:
+# Agent, N4Azure, NIC, NIM, NGF, NAP-DOS, NAP-WAF, NGINX One, NGINX+, Solutions, Unit
+nd-product: NAP-WAF
+---
+
+{{< call-out "warning" "Information architecture note" >}}
+
+The design intention for this page is as a standalone page for the operating system specific installation use cases:
+
+- [v4]({{< ref "/nap-waf/v4/admin-guide/install.md#docker-deployments" >}})
+- [v5]({{< ref "/nap-waf/v5/admin-guide/install.md#waf-services-configuration" >}})
+
+Instead of having separate top level folders, differences between v4 and v5 will be denoted with whole page sections, tabs, or other unique signifiers.
+
+This reduces the amount of duplicate content, which makes maintainability much simpler and the text more uniform.
+
+With the full context of this section, the page is shorter, being concerned only with one specific method of installation.
+
+This makes it easier to link to specific instructions, and ensures that the customer sees only the critical information they need.
+
+{{</ call-out>}}
\ No newline at end of file
diff --git a/content/waf/install/oss/kubernetes.md b/content/waf/install/oss/kubernetes.md
new file mode 100644
index 000000000..80465ce22
--- /dev/null
+++ b/content/waf/install/oss/kubernetes.md
@@ -0,0 +1,24 @@
+---
+# We use sentence case and present imperative tone
+title: "Kubernetes"
+# Weights are assigned in increments of 100: determines sorting order
+weight: 300
+# Creates a table of contents and sidebar, useful for large documents
+toc: false
+# Types have a 1:1 relationship with Hugo archetypes, so you shouldn't need to change this
+nd-content-type: how-to
+# Intended for internal catalogue and search, case sensitive:
+# Agent, N4Azure, NIC, NIM, NGF, NAP-DOS, NAP-WAF, NGINX One, NGINX+, Solutions, Unit
+nd-product: NAP-WAF
+---
+
+{{< call-out "warning" "Information architecture note" >}}
+
+The design intention for this page is to encapsulate the v5+ deployment methods, currently split between the following two pages:
+
+- [Deploy NGINX App Protect WAF with Helm]({{< ref "/nap-waf/v5/admin-guide/deploy-with-helm.md" >}})
+- [Deploy NGINX App Protect WAF with Manifests]({{< ref "/nap-waf/v5/admin-guide/deploy-with-manifests.md" >}})
+
+In execution it will probably remain two separate files: the warning banner on top of the page will explicitly indicate what version of NAP the instructions are intended for.
+
+{{</ call-out>}}
\ No newline at end of file
diff --git a/content/waf/install/oss/virtual-environment.md b/content/waf/install/oss/virtual-environment.md
new file mode 100644
index 000000000..bc20b8a8d
--- /dev/null
+++ b/content/waf/install/oss/virtual-environment.md
@@ -0,0 +1,26 @@
+---
+# We use sentence case and present imperative tone
+title: "Virtual environment"
+# Weights are assigned in increments of 100: determines sorting order
+weight: 100
+# Creates a table of contents and sidebar, useful for large documents
+toc: true
+# Types have a 1:1 relationship with Hugo archetypes, so you shouldn't need to change this
+nd-content-type: how-to
+# Intended for internal catalogue and search, case sensitive:
+# Agent, N4Azure, NIC, NIM, NGF, NAP-DOS, NAP-WAF, NGINX One, NGINX+, Solutions, Unit
+nd-product: NAP-WAF
+---
+
+{{< call-out "warning" "Information architecture note" >}}
+
+The design intention for this page is as a standalone page for the operating system specific installation use cases:
+
+- [v4]({{< ref "/nap-waf/v4/admin-guide/install.md#prerequisites" >}})
+- [v5]({{< ref "/nap-waf/v5/admin-guide/install.md#common-steps-for-nginx-open-source-and-nginx-plus" >}})
+
+Instead of having separate top level folders, differences between v4 and v5 will be denoted with whole page sections, tabs, or other unique signifiers.  
+
+{{< /call-out >}}
+
+This page describes how to install F5 WAF for NGINX on a virtual machine or bare metal environment. To review supported operating systems, please read the [Technical specifications]({{< ref "/waf/fundamentals/technical-specifications.md" >}}) guide.
diff --git a/content/waf/install/plus/_index.md b/content/waf/install/plus/_index.md
new file mode 100644
index 000000000..4516e2619
--- /dev/null
+++ b/content/waf/install/plus/_index.md
@@ -0,0 +1,5 @@
+---
+title: "NGINX Plus"
+url: /app-protect-waf/install/plus
+weight: 200
+---
\ No newline at end of file
diff --git a/content/waf/install/plus/docker.md b/content/waf/install/plus/docker.md
new file mode 100644
index 000000000..40f27d964
--- /dev/null
+++ b/content/waf/install/plus/docker.md
@@ -0,0 +1,1005 @@
+---
+# We use sentence case and present imperative tone
+title: "Docker"
+# Weights are assigned in increments of 100: determines sorting order
+weight: 200
+# Creates a table of contents and sidebar, useful for large documents
+toc: true
+# Types have a 1:1 relationship with Hugo archetypes, so you shouldn't need to change this
+nd-content-type: how-to
+# Intended for internal catalogue and search, case sensitive:
+# Agent, N4Azure, NIC, NIM, NGF, NAP-DOS, NAP-WAF, NGINX One, NGINX+, Solutions, Unit
+nd-product: NAP-WAF
+---
+
+{{< call-out "warning" "Information architecture note" >}}
+
+There's some content around mTLS that should be spun into its own page:
+
+- [Docker Compose File with mTLS]({{< ref "/nap-waf/v5/admin-guide/deploy-on-docker.md#docker-compose-file-with-mtls" >}})
+- [Secure Traffic Between NGINX and App Protect Enforcer using mTLS]({{< ref "/nap-waf/v5/configuration-guide/configuration.md#secure-traffic-between-nginx-and-app-protect-enforcer-using-mtls" >}})
+
+I haven't found reference to it in v5 content, but I don't see why it couldn't/wouldn't apply to v4 too?
+
+{{</ call-out >}}
+
+This page describes how to install F5 WAF for NGINX with NGINX Plus using Docker.
+
+## Before you begin
+
+To complete this guide, you will need the following prerequisites:
+
+- An active F5 WAF for NGINX subscription (Purchased or trial)
+- A working [NGINX Plus installation]({{< ref "/nginx/admin-guide/installing-nginx/installing-nginx-plus.md" >}})
+- [Docker](https://docs.docker.com/get-started/get-docker/)
+
+You should read the [IP intelligence topic]({{< ref "/waf/policies/ip-intelligence.md" >}}) for additional set-up configuration if you want to use the feature immediately.
+
+To review supported operating systems, please read the [Technical specifications]({{< ref "/waf/fundamentals/technical-specifications.md" >}}) guide.
+
+## Download your subscription credentials 
+
+{{< include "licensing-and-reporting/download-certificates-from-myf5.md" >}}
+
+## Create configuration files
+
+Once you have downloaded your subscription files, place them in a folder.
+
+In the same folder, you can then create three files:
+
+- _nginx.conf_ - An NGINX configuration file with F5 WAF for NGINX enabled
+- _entrypoint.sh_ - A Docker startup script which spins up all F5 WA for NGINX processes, requiring executable permissions
+- _custom_log_format.json_ - An optional user-defined security log format file
+
+{{< call-out "note" >}}
+
+If you are not using using `custom_log_format.json`, you should remove any references to it from your nginx.conf and entrypoint.sh files.
+
+{{< /call-out >}}
+
+Here are examples of the file contents: 
+
+{{< tabs name="configuration-files" >}}
+
+{{% tab name="nginx.conf" %}}
+
+```nginx
+user nginx;
+
+worker_processes auto;
+load_module modules/ngx_http_app_protect_module.so;
+
+error_log /var/log/nginx/error.log debug;
+
+events {
+    worker_connections 10240;
+}
+
+http {
+    include /etc/nginx/mime.types;
+    default_type application/octet-stream;
+    sendfile on;
+    keepalive_timeout 65;
+
+    upstream app_backend_com {
+        server 192.168.0.1:8000;
+        server 192.168.0.1:8001;
+    }
+    server {
+        listen 80;
+        server_name app.example.com;
+        proxy_http_version 1.1;
+
+        app_protect_enable on;
+        app_protect_security_log_enable on;
+        app_protect_security_log "/etc/nginx/custom_log_format.json" syslog:server=127.0.0.1:514;
+
+        location / {
+            client_max_body_size 0;
+            default_type text/html;
+            # set your backend here
+            proxy_pass http://app_backend_com;
+            proxy_set_header Host $host;
+        }
+    }
+}
+```
+
+{{% /tab %}}
+
+{{% tab name="entrypoint.sh" %}}
+
+```shell
+#!/bin/sh
+
+/bin/su -s /bin/sh -c "/usr/share/ts/bin/bd-socket-plugin tmm_count 4 proc_cpuinfo_cpu_mhz 2000000 total_xml_memory 307200000 total_umu_max_size 3129344 sys_max_account_id 1024 no_static_config 2>&1 >> /var/log/app_protect/bd-socket-plugin.log &" nginx
+/usr/sbin/nginx -g 'daemon off;'
+
+# Optional line for the IP intelligence feature
+/opt/app_protect/bin/iprepd /etc/app_protect/tools/iprepd.cfg > ipi.log 2>&1 &
+```
+
+{{% /tab %}}
+
+{{% tab name="custom_log_format.json" %}}
+
+```json
+{
+    "filter": {
+        "request_type": "all"
+    },
+    "content": {
+        "format": "splunk",
+        "max_request_size": "any",
+        "max_message_size": "10k"
+    }
+}
+```
+
+{{% /tab %}}
+
+{{< /tabs >}}
+
+## Create a Dockerfile
+
+In the same folder as your credential and configuration files, create a _Dockerfile_ based on your desired operating system image using an example below:
+
+{{< call-out "note" >}}
+
+If you are not using using `custom_log_format.json` or the IP intelligence feature,  you should remove any references to them from your Dockerfile.
+
+{{< /call-out >}}
+
+### Alpine Linux
+
+{{< tabs name="alpine-instructions" >}}
+
+{{% tab name="V4" %}}
+
+```dockerfile
+# syntax=docker/dockerfile:1
+# For Alpine 3.19:
+FROM alpine:3.19
+
+# Download and add the NGINX signing keys:
+RUN wget -O /etc/apk/keys/nginx_signing.rsa.pub https://cs.nginx.com/static/keys/nginx_signing.rsa.pub \
+ && wget -O /etc/apk/keys/app-protect-security-updates.rsa.pub https://cs.nginx.com/static/keys/app-protect-security-updates.rsa.pub
+
+# Add NGINX Plus repository:
+RUN printf "https://pkgs.nginx.com/plus/alpine/v`egrep -o '^[0-9]+\.[0-9]+' /etc/alpine-release`/main\n" | tee -a /etc/apk/repositories
+
+# Add NGINX App Protect repository:
+RUN printf "https://pkgs.nginx.com/app-protect/alpine/v`egrep -o '^[0-9]+\.[0-9]+' /etc/alpine-release`/main\n" | tee -a /etc/apk/repositories \
+ && printf "https://pkgs.nginx.com/app-protect-security-updates/alpine/v`egrep -o '^[0-9]+\.[0-9]+' /etc/alpine-release`/main\n" | tee -a /etc/apk/repositories
+
+# Update the repository and install the most recent version of the F5 WAF for NGINX package (which includes NGINX Plus):
+RUN --mount=type=secret,id=nginx-crt,dst=/etc/apk/cert.pem,mode=0644 \
+    --mount=type=secret,id=nginx-key,dst=/etc/apk/cert.key,mode=0644 \
+    apk update && apk add app-protect
+
+# Only use if you want to install and use the IP intelligence feature:
+RUN --mount=type=secret,id=nginx-crt,dst=/etc/apk/cert.pem,mode=0644 \
+    --mount=type=secret,id=nginx-key,dst=/etc/apk/cert.key,mode=0644 \
+    apk update && apk add app-protect-ip-intelligence
+
+# Forward request logs to Docker log collector:
+RUN ln -sf /dev/stdout /var/log/nginx/access.log \
+    && ln -sf /dev/stderr /var/log/nginx/error.log
+
+# Copy configuration files:
+COPY nginx.conf custom_log_format.json /etc/nginx/
+COPY entrypoint.sh /root/
+
+CMD ["sh", "/root/entrypoint.sh"]
+```
+
+{{% /tab %}}
+
+{{% tab name="V5" %}}
+
+```dockerfile
+# syntax=docker/dockerfile:1
+
+# Supported OS_VER's are 3.16/3.17/3.19
+ARG OS_VER="3.19"
+
+# Base image
+FROM alpine:${OS_VER}
+
+# Install NGINX Plus and F5 WAF for NGINX v5 module
+RUN --mount=type=secret,id=nginx-crt,dst=/etc/apk/cert.pem,mode=0644 \
+    --mount=type=secret,id=nginx-key,dst=/etc/apk/cert.key,mode=0644 \
+    wget -O /etc/apk/keys/nginx_signing.rsa.pub https://cs.nginx.com/static/keys/nginx_signing.rsa.pub \
+    && printf "https://pkgs.nginx.com/plus/alpine/v`egrep -o '^[0-9]+\.[0-9]+' /etc/alpine-release`/main\n" | \
+       tee -a /etc/apk/repositories \
+    && printf "https://pkgs.nginx.com/app-protect-x-plus/alpine/v`egrep -o '^[0-9]+\.[0-9]+' /etc/alpine-release`/main\n" | \
+       tee -a /etc/apk/repositories \
+    && apk update \
+    && apk add app-protect-module-plus \
+    && ln -sf /dev/stdout /var/log/nginx/access.log \
+    && ln -sf /dev/stderr /var/log/nginx/error.log \
+    && rm -rf /var/cache/apk/*
+
+# Expose port
+EXPOSE 80
+
+# Define stop signal
+STOPSIGNAL SIGQUIT
+
+# Set default command
+CMD ["nginx", "-g", "daemon off;"]
+```
+
+{{% /tab %}}
+
+{{< /tabs >}}
+
+### Amazon Linux
+
+{{< tabs name="amazon-instructions" >}}
+
+{{% tab name="V4" %}}
+
+```dockerfile
+# syntax=docker/dockerfile:1
+# For Amazon Linux 2023:
+FROM amazonlinux:2023
+
+# Install prerequisite packages:
+RUN dnf -y install wget ca-certificates
+
+# Add NGINX Plus repo:
+RUN wget -P /etc/yum.repos.d https://cs.nginx.com/static/files/plus-amazonlinux2023.repo
+
+# Add NAP dependencies repo:
+RUN wget -P /etc/yum.repos.d https://cs.nginx.com/static/files/dependencies.amazonlinux2023.repo
+
+# Add NGINX App-protect repo:
+RUN wget -P /etc/yum.repos.d https://cs.nginx.com/static/files/app-protect-amazonlinux2023.repo
+
+# Install F5 WAF for NGINX:
+RUN --mount=type=secret,id=nginx-crt,dst=/etc/ssl/nginx/nginx-repo.cert,mode=0644 \
+    --mount=type=secret,id=nginx-key,dst=/etc/ssl/nginx/nginx-repo.key,mode=0644 \
+    dnf -y install app-protect \
+    && dnf clean all \
+    && rm -rf /var/cache/yum
+
+# Only use if you want to install and use the IP intelligence feature:
+RUN --mount=type=secret,id=nginx-crt,dst=/etc/ssl/nginx/nginx-repo.cert,mode=0644 \
+    --mount=type=secret,id=nginx-key,dst=/etc/ssl/nginx/nginx-repo.key,mode=0644 \
+    dnf -y install app-protect-ip-intelligence
+
+# Forward request logs to Docker log collector:
+RUN ln -sf /dev/stdout /var/log/nginx/access.log \
+    && ln -sf /dev/stderr /var/log/nginx/error.log
+
+# Copy configuration files:
+COPY nginx.conf custom_log_format.json /etc/nginx/
+COPY entrypoint.sh /root/
+
+CMD ["sh", "/root/entrypoint.sh"]
+```
+
+{{% /tab %}}
+
+{{% tab name="V5" %}}
+
+```dockerfile
+# syntax=docker/dockerfile:1
+
+# Base image
+FROM amazonlinux:2023
+
+# Install NGINX Plus and F5 WAF for NGINX v5 module
+RUN --mount=type=secret,id=nginx-crt,dst=/etc/ssl/nginx/nginx-repo.cert,mode=0644 \
+    --mount=type=secret,id=nginx-key,dst=/etc/ssl/nginx/nginx-repo.key,mode=0644 \
+    yum -y install wget ca-certificates shadow-utils \
+    && wget -P /etc/yum.repos.d https://cs.nginx.com/static/files/plus-amazonlinux2023.repo \
+    && echo "[app-protect-x-plus]" > /etc/yum.repos.d/app-protect-plus.repo \
+    && echo "name=nginx-app-protect repo" >> /etc/yum.repos.d/app-protect-plus.repo \
+    && echo "baseurl=https://pkgs.nginx.com/app-protect-x-plus/amzn/2023/\$basearch/" >> /etc/yum.repos.d/app-protect-plus.repo \
+    && echo "sslclientcert=/etc/ssl/nginx/nginx-repo.cert" >> /etc/yum.repos.d/app-protect-plus.repo \
+    && echo "sslclientkey=/etc/ssl/nginx/nginx-repo.key" >> /etc/yum.repos.d/app-protect-plus.repo \
+    && echo "gpgcheck=0" >> /etc/yum.repos.d/app-protect-plus.repo \
+    && echo "enabled=1" >> /etc/yum.repos.d/app-protect-plus.repo \
+    && yum -y install app-protect-module-plus \
+    && yum clean all \
+    && rm -rf /var/cache/yum \
+    && ln -sf /dev/stdout /var/log/nginx/access.log \
+    && ln -sf /dev/stderr /var/log/nginx/error.log
+
+# Expose port
+EXPOSE 80
+
+# Define stop signal
+STOPSIGNAL SIGQUIT
+
+# Set default command
+CMD ["nginx", "-g", "daemon off;"]
+```
+
+{{% /tab %}}
+
+{{< /tabs >}}
+
+### Debian
+
+{{< tabs name="debian-instructions" >}}
+
+{{% tab name="V4" %}}
+
+```dockerfile
+ARG OS_CODENAME
+# Where OS_CODENAME can be: buster/bullseye/bookworm
+# syntax=docker/dockerfile:1
+# For Debian 11 / 12:
+FROM debian:${OS_CODENAME}
+
+# Install prerequisite packages:
+RUN apt-get update && apt-get install -y apt-transport-https lsb-release ca-certificates wget gnupg2
+
+# Download and add the NGINX signing keys:
+RUN wget -qO - https://cs.nginx.com/static/keys/nginx_signing.key | \
+    gpg --dearmor | tee /usr/share/keyrings/nginx-archive-keyring.gpg >/dev/null
+RUN wget -qO - https://cs.nginx.com/static/keys/app-protect-security-updates.key | \
+    gpg --dearmor | tee /usr/share/keyrings/app-protect-security-updates.gpg >/dev/null
+
+# Add NGINX Plus repository:
+RUN printf "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] \
+    https://pkgs.nginx.com/plus/debian `lsb_release -cs` nginx-plus\n" | \
+    tee /etc/apt/sources.list.d/nginx-plus.list
+
+# Add F5 WAF for NGINX repositories:
+RUN printf "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] \
+    https://pkgs.nginx.com/app-protect/debian `lsb_release -cs` nginx-plus\n" | \
+    tee /etc/apt/sources.list.d/nginx-app-protect.list
+RUN printf "deb [signed-by=/usr/share/keyrings/app-protect-security-updates.gpg] \
+    https://pkgs.nginx.com/app-protect-security-updates/debian `lsb_release -cs` nginx-plus\n" | \
+    tee /etc/apt/sources.list.d/app-protect-security-updates.list
+
+# Download the apt configuration to `/etc/apt/apt.conf.d`:
+RUN wget -P /etc/apt/apt.conf.d https://cs.nginx.com/static/files/90pkgs-nginx
+
+# Update the repository and install the most recent version of the F5 WAF for NGINX package (which includes NGINX Plus):
+RUN --mount=type=secret,id=nginx-crt,dst=/etc/ssl/nginx/nginx-repo.cert,mode=0644 \
+    --mount=type=secret,id=nginx-key,dst=/etc/ssl/nginx/nginx-repo.key,mode=0644 \
+    apt-get update && apt-get install -y app-protect
+
+# Only use if you want to install and use the IP intelligence feature:
+RUN --mount=type=secret,id=nginx-crt,dst=/etc/ssl/nginx/nginx-repo.cert,mode=0644 \
+    --mount=type=secret,id=nginx-key,dst=/etc/ssl/nginx/nginx-repo.key,mode=0644 \
+    apt-get install -y app-protect-ip-intelligence
+
+# Forward request logs to Docker log collector:
+RUN ln -sf /dev/stdout /var/log/nginx/access.log \
+    && ln -sf /dev/stderr /var/log/nginx/error.log
+
+# Copy configuration files:
+COPY nginx.conf custom_log_format.json /etc/nginx/
+COPY entrypoint.sh /root/
+
+CMD ["sh", "/root/entrypoint.sh"]
+```
+
+{{% /tab %}}
+
+{{% tab name="V5" %}}
+
+```dockerfile
+# syntax=docker/dockerfile:1
+
+# Supported OS_CODENAME's are: bullseye/bookworm
+ARG OS_CODENAME=bookworm
+
+# Base image
+FROM debian:${OS_CODENAME}
+
+# Install NGINX Plus and F5 WAF for NGINX v5 module
+RUN --mount=type=secret,id=nginx-crt,dst=/etc/ssl/nginx/nginx-repo.cert,mode=0644 \
+    --mount=type=secret,id=nginx-key,dst=/etc/ssl/nginx/nginx-repo.key,mode=0644 \
+    apt-get update \
+    && apt-get install -y \
+       apt-transport-https \
+       lsb-release \
+       ca-certificates \
+       wget \
+       gnupg2 \
+       debian-archive-keyring \
+    && wget -qO - https://cs.nginx.com/static/keys/nginx_signing.key | \
+       gpg --dearmor | tee /usr/share/keyrings/nginx-archive-keyring.gpg >/dev/null \
+    && gpg --dry-run --quiet --no-keyring --import --import-options import-show /usr/share/keyrings/nginx-archive-keyring.gpg \
+    && printf "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] \
+       https://pkgs.nginx.com/plus/debian `lsb_release -cs` nginx-plus\n" | \
+       tee /etc/apt/sources.list.d/nginx-plus.list \
+    && printf "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] \
+       https://pkgs.nginx.com/app-protect-x-plus/debian `lsb_release -cs` nginx-plus\n" | \
+       tee /etc/apt/sources.list.d/nginx-app-protect.list \
+    && wget -P /etc/apt/apt.conf.d https://cs.nginx.com/static/files/90pkgs-nginx \
+    && apt-get update \
+    && DEBIAN_FRONTEND="noninteractive" apt-get install -y app-protect-module-plus \
+    && ln -sf /dev/stdout /var/log/nginx/access.log \
+    && ln -sf /dev/stderr /var/log/nginx/error.log \
+    && apt-get clean \
+    && rm -rf /var/lib/apt/lists/*
+
+# Expose port
+EXPOSE 80
+
+# Define stop signal
+STOPSIGNAL SIGQUIT
+
+# Set default command
+CMD ["nginx", "-g", "daemon off;"]
+```
+
+{{% /tab %}}
+
+{{< /tabs >}}
+
+### Oracle Linux
+
+{{< tabs name="oracle-instructions" >}}
+
+{{% tab name="V4" %}}
+
+```dockerfile
+# syntax=docker/dockerfile:1
+# For Oracle Linux 8:
+FROM oraclelinux:8
+
+# Install prerequisite packages:
+RUN dnf -y install wget ca-certificates yum-utils
+
+# Add NGINX Plus repo to Yum:
+RUN wget -P /etc/yum.repos.d https://cs.nginx.com/static/files/nginx-plus-8.repo
+
+# Add NGINX App-protect repo to Yum:
+RUN wget -P /etc/yum.repos.d https://cs.nginx.com/static/files/app-protect-8.repo
+
+# Enable Yum repositories to pull App Protect dependencies:
+RUN dnf config-manager --set-enabled ol8_codeready_builder \
+    && wget -P /etc/yum.repos.d https://cs.nginx.com/static/files/dependencies.repo \
+    # You can use either of the dependencies or epel repo
+    # && rpm -ivh https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm \
+    && dnf clean all
+
+# Install F5 WAF for NGINX:
+RUN --mount=type=secret,id=nginx-crt,dst=/etc/ssl/nginx/nginx-repo.cert,mode=0644 \
+    --mount=type=secret,id=nginx-key,dst=/etc/ssl/nginx/nginx-repo.key,mode=0644 \
+    dnf -y install app-protect \
+    && dnf clean all \
+    && rm -rf /var/cache/dnf
+
+# Only use if you want to install and use the IP intelligence feature:
+RUN --mount=type=secret,id=nginx-crt,dst=/etc/ssl/nginx/nginx-repo.cert,mode=0644 \
+    --mount=type=secret,id=nginx-key,dst=/etc/ssl/nginx/nginx-repo.key,mode=0644 \
+    dnf install -y app-protect-ip-intelligence
+
+# Forward request logs to Docker log collector:
+RUN ln -sf /dev/stdout /var/log/nginx/access.log \
+    && ln -sf /dev/stderr /var/log/nginx/error.log
+
+# Copy configuration files:
+COPY nginx.conf custom_log_format.json /etc/nginx/
+COPY entrypoint.sh /root/
+
+CMD ["sh", "/root/entrypoint.sh"]
+```
+
+{{% /tab %}}
+
+{{% tab name="V5" %}}
+
+```dockerfile
+# syntax=docker/dockerfile:1
+
+# Base image
+FROM oraclelinux:8
+
+# Install NGINX Plus and F5 WAF for NGINX v5 module
+RUN --mount=type=secret,id=nginx-crt,dst=/etc/ssl/nginx/nginx-repo.cert,mode=0644 \
+    --mount=type=secret,id=nginx-key,dst=/etc/ssl/nginx/nginx-repo.key,mode=0644 \
+    dnf -y install wget ca-certificates yum-utils \
+    && wget -P /etc/yum.repos.d https://cs.nginx.com/static/files/nginx-plus-8.repo \
+    && echo "[app-protect-x-plus]" > /etc/yum.repos.d/app-protect-8-x-plus.repo \
+    && echo "name=nginx-app-protect repo" >> /etc/yum.repos.d/app-protect-8-x-plus.repo \
+    && echo "baseurl=https://pkgs.nginx.com/app-protect-x-plus/centos/8/\$basearch/" >> /etc/yum.repos.d/app-protect-8-x-plus.repo \
+    && echo "sslclientcert=/etc/ssl/nginx/nginx-repo.cert" >> /etc/yum.repos.d/app-protect-8-x-plus.repo \
+    && echo "sslclientkey=/etc/ssl/nginx/nginx-repo.key" >> /etc/yum.repos.d/app-protect-8-x-plus.repo \
+    && echo "gpgcheck=0" >> /etc/yum.repos.d/app-protect-8-x-plus.repo \
+    && echo "enabled=1" >> /etc/yum.repos.d/app-protect-8-x-plus.repo \
+    && dnf clean all \
+    && dnf -y install app-protect-module-plus \
+    && dnf clean all \
+    && rm -rf /var/cache/dnf \
+    && ln -sf /dev/stdout /var/log/nginx/access.log \
+    && ln -sf /dev/stderr /var/log/nginx/error.log
+
+# Expose port
+EXPOSE 80
+
+# Define stop signal
+STOPSIGNAL SIGQUIT
+
+# Set default command
+CMD ["nginx", "-g", "daemon off;"]
+```
+
+{{% /tab %}}
+
+{{< /tabs >}}
+
+### Ubuntu
+
+{{< tabs name="ubuntu-instructions" >}}
+
+{{% tab name="V4" %}}
+
+```dockerfile
+ARG OS_CODENAME
+# Where OS_CODENAME can be: focal/jammy/noble
+# syntax=docker/dockerfile:1
+# For Ubuntu 20.04 / 22.04 / 24.04:
+FROM ubuntu:${OS_CODENAME}
+
+# Install prerequisite packages:
+RUN apt-get update && apt-get install -y apt-transport-https lsb-release ca-certificates wget gnupg2
+
+# Download and add the NGINX signing keys:
+RUN wget -qO - https://cs.nginx.com/static/keys/nginx_signing.key | \
+    gpg --dearmor | tee /usr/share/keyrings/nginx-archive-keyring.gpg >/dev/null
+RUN wget -qO - https://cs.nginx.com/static/keys/app-protect-security-updates.key | \
+    gpg --dearmor | tee /usr/share/keyrings/app-protect-security-updates.gpg >/dev/null
+
+# Add NGINX Plus repository:
+RUN printf "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] \
+    https://pkgs.nginx.com/plus/ubuntu `lsb_release -cs` nginx-plus\n" | \
+    tee /etc/apt/sources.list.d/nginx-plus.list
+
+# Add F5 WAF for NGINX repositories:
+RUN printf "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] \
+    https://pkgs.nginx.com/app-protect/ubuntu `lsb_release -cs` nginx-plus\n" | \
+    tee /etc/apt/sources.list.d/nginx-app-protect.list
+RUN printf "deb [signed-by=/usr/share/keyrings/app-protect-security-updates.gpg] \
+    https://pkgs.nginx.com/app-protect-security-updates/ubuntu `lsb_release -cs` nginx-plus\n" | \
+    tee /etc/apt/sources.list.d/app-protect-security-updates.list
+
+# Download the apt configuration to `/etc/apt/apt.conf.d`:
+RUN wget -P /etc/apt/apt.conf.d https://cs.nginx.com/static/files/90pkgs-nginx
+
+# Update the repository and install the most recent version of the F5 WAF for NGINX package (which includes NGINX Plus):
+RUN --mount=type=secret,id=nginx-crt,dst=/etc/ssl/nginx/nginx-repo.cert,mode=0644 \
+    --mount=type=secret,id=nginx-key,dst=/etc/ssl/nginx/nginx-repo.key,mode=0644 \
+    apt-get update && DEBIAN_FRONTEND="noninteractive" apt-get install -y app-protect
+
+# Only use if you want to install and use the IP intelligence feature:
+RUN --mount=type=secret,id=nginx-crt,dst=/etc/ssl/nginx/nginx-repo.cert,mode=0644 \
+    --mount=type=secret,id=nginx-key,dst=/etc/ssl/nginx/nginx-repo.key,mode=0644 \
+    apt-get install -y app-protect-ip-intelligence
+
+# Forward request logs to Docker log collector:
+RUN ln -sf /dev/stdout /var/log/nginx/access.log \
+    && ln -sf /dev/stderr /var/log/nginx/error.log
+
+# Copy configuration files:
+COPY nginx.conf custom_log_format.json /etc/nginx/
+COPY entrypoint.sh /root/
+
+CMD ["sh", "/root/entrypoint.sh"]
+```
+
+{{% /tab %}}
+
+{{% tab name="V5" %}}
+
+```dockerfile
+# syntax=docker/dockerfile:1
+
+# Supported OS_CODENAME's are: focal/jammy
+ARG OS_CODENAME=jammy
+
+# Base image
+FROM ubuntu:${OS_CODENAME}
+
+# Install NGINX Plus and F5 WAF for NGINX v5 module
+RUN --mount=type=secret,id=nginx-crt,dst=/etc/ssl/nginx/nginx-repo.cert,mode=0644 \
+    --mount=type=secret,id=nginx-key,dst=/etc/ssl/nginx/nginx-repo.key,mode=0644 \
+    apt-get update \
+    && apt-get install -y \
+       apt-transport-https \
+       lsb-release \
+       ca-certificates \
+       wget \
+       gnupg2 \
+       ubuntu-keyring \
+    && wget -qO - https://cs.nginx.com/static/keys/nginx_signing.key | \
+       gpg --dearmor | tee /usr/share/keyrings/nginx-archive-keyring.gpg >/dev/null \
+    && gpg --dry-run --quiet --no-keyring --import --import-options import-show /usr/share/keyrings/nginx-archive-keyring.gpg \
+    && printf "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] \
+       https://pkgs.nginx.com/plus/ubuntu `lsb_release -cs` nginx-plus\n" | \
+       tee /etc/apt/sources.list.d/nginx-plus.list \
+    && printf "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] \
+       https://pkgs.nginx.com/app-protect-x-plus/ubuntu `lsb_release -cs` nginx-plus\n" | \
+       tee /etc/apt/sources.list.d/nginx-app-protect.list \
+    && wget -P /etc/apt/apt.conf.d https://cs.nginx.com/static/files/90pkgs-nginx \
+    && apt-get update \
+    && DEBIAN_FRONTEND="noninteractive" apt-get install -y app-protect-module-plus \
+    && ln -sf /dev/stdout /var/log/nginx/access.log \
+    && ln -sf /dev/stderr /var/log/nginx/error.log \
+    && apt-get clean \
+    && rm -rf /var/lib/apt/lists/*
+
+# Expose port
+EXPOSE 80
+
+# Define stop signal
+STOPSIGNAL SIGQUIT
+
+# Set default command
+CMD ["nginx", "-g", "daemon off;"]
+```
+
+{{% /tab %}}
+
+{{< /tabs >}}
+
+### RHEL8
+
+{{< tabs name="rhel8-instructions" >}}
+
+{{% tab name="V4" %}}
+
+```dockerfile
+# syntax=docker/dockerfile:1
+# For RHEL ubi8:
+FROM registry.access.redhat.com/ubi8/ubi
+
+# Install prerequisite packages:
+RUN dnf -y install wget ca-certificates
+
+# Add NGINX Plus repo to Yum:
+RUN wget -P /etc/yum.repos.d https://cs.nginx.com/static/files/nginx-plus-8.repo
+
+# Add NGINX App-protect & dependencies repo to Yum:
+RUN wget -P /etc/yum.repos.d https://cs.nginx.com/static/files/app-protect-8.repo
+RUN wget -P /etc/yum.repos.d https://cs.nginx.com/static/files/dependencies.repo \
+    # You can use either of the dependencies or epel repo
+    # && rpm -ivh https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm \
+    && dnf clean all
+
+# Install F5 WAF for NGINX:
+RUN --mount=type=secret,id=nginx-crt,dst=/etc/ssl/nginx/nginx-repo.cert,mode=0644 \
+    --mount=type=secret,id=nginx-key,dst=/etc/ssl/nginx/nginx-repo.key,mode=0644 \
+    dnf install --enablerepo=codeready-builder-for-rhel-8-x86_64-rpms -y app-protect \
+    && dnf clean all \
+    && rm -rf /var/cache/dnf
+
+# Only use if you want to install and use the IP intelligence feature:
+RUN --mount=type=secret,id=nginx-crt,dst=/etc/ssl/nginx/nginx-repo.cert,mode=0644 \
+    --mount=type=secret,id=nginx-key,dst=/etc/ssl/nginx/nginx-repo.key,mode=0644 \
+    dnf install -y app-protect-ip-intelligence
+
+# Forward request logs to Docker log collector:
+RUN ln -sf /dev/stdout /var/log/nginx/access.log \
+    && ln -sf /dev/stderr /var/log/nginx/error.log
+
+# Copy configuration files:
+COPY nginx.conf custom_log_format.json /etc/nginx/
+COPY entrypoint.sh /root/
+
+CMD ["sh", "/root/entrypoint.sh"]
+```
+
+{{% /tab %}}
+
+{{% tab name="V5" %}}
+
+```dockerfile
+# syntax=docker/dockerfile:1
+
+# Supported UBI_VERSION's are 7/8/9
+ARG UBI_VERSION=8
+
+# Base Image
+FROM registry.access.redhat.com/ubi${UBI_VERSION}/ubi
+
+# Define the ARG again after FROM to use it in this stage
+ARG UBI_VERSION
+
+# Install NGINX Plus and F5 WAF for NGINX v5 module
+RUN --mount=type=secret,id=nginx-crt,dst=/etc/ssl/nginx/nginx-repo.cert,mode=0644 \
+    --mount=type=secret,id=nginx-key,dst=/etc/ssl/nginx/nginx-repo.key,mode=0644 \
+    PKG_MANAGER=dnf; \
+    if [ "${UBI_VERSION}" = "7" ]; then \
+        PKG_MANAGER=yum; \
+        NGINX_PLUS_REPO="nginx-plus-7.4.repo"; \
+    elif [ "${UBI_VERSION}" = "9" ]; then \
+        NGINX_PLUS_REPO="plus-${UBI_VERSION}.repo"; \
+    else \
+        NGINX_PLUS_REPO="nginx-plus-${UBI_VERSION}.repo"; \
+    fi \
+    && $PKG_MANAGER -y install wget ca-certificates \
+    && wget -P /etc/yum.repos.d https://cs.nginx.com/static/files/dependencies.repo \
+    && wget -P /etc/yum.repos.d https://cs.nginx.com/static/files/${NGINX_PLUS_REPO} \
+    && echo "[app-protect-x-plus]" > /etc/yum.repos.d/app-protect-${UBI_VERSION}-x-plus.repo \
+    && echo "name=nginx-app-protect repo" >> /etc/yum.repos.d/app-protect-${UBI_VERSION}-x-plus.repo \
+    && echo "baseurl=https://pkgs.nginx.com/app-protect-x-plus/centos/${UBI_VERSION}/\$basearch/" >> /etc/yum.repos.d/app-protect-${UBI_VERSION}-x-plus.repo \
+    && echo "sslclientcert=/etc/ssl/nginx/nginx-repo.cert" >> /etc/yum.repos.d/app-protect-${UBI_VERSION}-x-plus.repo \
+    && echo "sslclientkey=/etc/ssl/nginx/nginx-repo.key" >> /etc/yum.repos.d/app-protect-${UBI_VERSION}-x-plus.repo \
+    && echo "gpgcheck=0" >> /etc/yum.repos.d/app-protect-${UBI_VERSION}-x-plus.repo \
+    && echo "enabled=1" >> /etc/yum.repos.d/app-protect-${UBI_VERSION}-x-plus.repo \
+    && $PKG_MANAGER clean all \
+    && $PKG_MANAGER install -y app-protect-module-plus \
+    && $PKG_MANAGER clean all \
+    && rm -rf /var/cache/$PKG_MANAGER \
+    && ln -sf /dev/stdout /var/log/nginx/access.log \
+    && ln -sf /dev/stderr /var/log/nginx/error.log
+
+# Expose port
+EXPOSE 80
+
+# Define stop signal
+STOPSIGNAL SIGQUIT
+
+# Set default command
+CMD ["nginx", "-g", "daemon off;"]
+```
+
+{{% /tab %}}
+
+{{< /tabs >}}
+
+### RHEL 9
+
+{{< tabs name="rhel9-instructions" >}}
+
+{{% tab name="V4" %}}
+
+```dockerfile
+# syntax=docker/dockerfile:1
+# For Rocky Linux 9:
+FROM rockylinux:9
+
+# Install prerequisite packages:
+RUN dnf -y install wget ca-certificates 'dnf-command(config-manager)'
+
+# Add NGINX Plus repo to Yum:
+RUN wget -P /etc/yum.repos.d https://cs.nginx.com/static/files/plus-9.repo
+
+# Add NGINX App-protect & dependencies repo to Yum:
+RUN wget -P /etc/yum.repos.d https://cs.nginx.com/static/files/app-protect-9.repo
+RUN dnf config-manager --set-enabled crb \
+    && wget -P /etc/yum.repos.d https://cs.nginx.com/static/files/dependencies.repo \
+    && dnf clean all
+
+# Install F5 WAF for NGINX:
+RUN --mount=type=secret,id=nginx-crt,dst=/etc/ssl/nginx/nginx-repo.cert,mode=0644 \
+    --mount=type=secret,id=nginx-key,dst=/etc/ssl/nginx/nginx-repo.key,mode=0644 \
+    dnf install -y app-protect \
+    && dnf clean all \
+    && rm -rf /var/cache/dnf
+
+# Only use if you want to install and use the IP intelligence feature:
+RUN --mount=type=secret,id=nginx-crt,dst=/etc/ssl/nginx/nginx-repo.cert,mode=0644 \
+    --mount=type=secret,id=nginx-key,dst=/etc/ssl/nginx/nginx-repo.key,mode=0644 \
+    dnf install -y app-protect-ip-intelligence
+
+# Forward request logs to Docker log collector:
+RUN ln -sf /dev/stdout /var/log/nginx/access.log \
+    && ln -sf /dev/stderr /var/log/nginx/error.log
+
+# Copy configuration files:
+COPY nginx.conf custom_log_format.json /etc/nginx/
+COPY entrypoint.sh /root/
+
+CMD ["sh", "/root/entrypoint.sh"]
+```
+
+{{% /tab %}}
+
+{{% tab name="V5" %}}
+
+```dockerfile
+# syntax=docker/dockerfile:1
+
+# Base Image
+FROM rockylinux:9
+
+# Install NGINX Plus and F5 WAF for NGINX v5 module
+RUN --mount=type=secret,id=nginx-crt,dst=/etc/ssl/nginx/nginx-repo.cert,mode=0644 \
+    --mount=type=secret,id=nginx-key,dst=/etc/ssl/nginx/nginx-repo.key,mode=0644 \
+    dnf -y install wget ca-certificates \
+    && wget -P /etc/yum.repos.d https://cs.nginx.com/static/files/dependencies.repo \
+    && wget -P /etc/yum.repos.d https://cs.nginx.com/static/files/${NGINX_PLUS_REPO} \
+    && echo "[app-protect-x-plus]" > /etc/yum.repos.d/app-protect-${UBI_VERSION}-x-plus.repo \
+    && echo "name=nginx-app-protect repo" >> /etc/yum.repos.d/app-protect-${UBI_VERSION}-x-plus.repo \
+    && echo "baseurl=https://pkgs.nginx.com/app-protect-x-plus/centos/${UBI_VERSION}/\$basearch/" >> /etc/yum.repos.d/app-protect-${UBI_VERSION}-x-plus.repo \
+    && echo "sslclientcert=/etc/ssl/nginx/nginx-repo.cert" >> /etc/yum.repos.d/app-protect-${UBI_VERSION}-x-plus.repo \
+    && echo "sslclientkey=/etc/ssl/nginx/nginx-repo.key" >> /etc/yum.repos.d/app-protect-${UBI_VERSION}-x-plus.repo \
+    && echo "gpgcheck=0" >> /etc/yum.repos.d/app-protect-${UBI_VERSION}-x-plus.repo \
+    && echo "enabled=1" >> /etc/yum.repos.d/app-protect-${UBI_VERSION}-x-plus.repo \
+    && dnf clean all \
+    && dnf install -y app-protect-module-plus \
+    && dnf clean all \
+    && rm -rf /var/cache/dnf \
+    && ln -sf /dev/stdout /var/log/nginx/access.log \
+    && ln -sf /dev/stderr /var/log/nginx/error.log
+
+# Expose port
+EXPOSE 80
+
+# Define stop signal
+STOPSIGNAL SIGQUIT
+
+# Set default command
+CMD ["nginx", "-g", "daemon off;"]
+```
+
+{{% /tab %}}
+
+{{< /tabs >}}
+
+### Rocky Linux 9
+
+{{< tabs name="rocky-instructions" >}}
+
+{{% tab name="V4" %}}
+
+```dockerfile
+# syntax=docker/dockerfile:1
+# For Rocky Linux 9:
+FROM rockylinux:9
+
+# Install prerequisite packages:
+RUN dnf -y install wget ca-certificates 'dnf-command(config-manager)'
+
+# Add NGINX Plus repo to Yum:
+RUN wget -P /etc/yum.repos.d https://cs.nginx.com/static/files/plus-9.repo
+
+# Add NGINX App-protect & dependencies repo to Yum:
+RUN wget -P /etc/yum.repos.d https://cs.nginx.com/static/files/app-protect-9.repo
+RUN dnf config-manager --set-enabled crb \
+    && wget -P /etc/yum.repos.d https://cs.nginx.com/static/files/dependencies.repo \
+    && dnf clean all
+
+# Install F5 WAF for NGINX:
+RUN --mount=type=secret,id=nginx-crt,dst=/etc/ssl/nginx/nginx-repo.cert,mode=0644 \
+    --mount=type=secret,id=nginx-key,dst=/etc/ssl/nginx/nginx-repo.key,mode=0644 \
+    dnf install -y app-protect \
+    && dnf clean all \
+    && rm -rf /var/cache/dnf
+
+# Only use if you want to install and use the IP intelligence feature:
+RUN --mount=type=secret,id=nginx-crt,dst=/etc/ssl/nginx/nginx-repo.cert,mode=0644 \
+    --mount=type=secret,id=nginx-key,dst=/etc/ssl/nginx/nginx-repo.key,mode=0644 \
+    dnf install -y app-protect-ip-intelligence
+
+# Forward request logs to Docker log collector:
+RUN ln -sf /dev/stdout /var/log/nginx/access.log \
+    && ln -sf /dev/stderr /var/log/nginx/error.log
+
+# Copy configuration files:
+COPY nginx.conf custom_log_format.json /etc/nginx/
+COPY entrypoint.sh /root/
+
+CMD ["sh", "/root/entrypoint.sh"]
+```
+
+{{% /tab %}}
+
+{{% tab name="V5" %}}
+
+```dockerfile
+# syntax=docker/dockerfile:1
+
+# Base Image
+FROM rockylinux:9
+
+# Install NGINX Plus and F5 WAF for NGINX v5 module
+RUN --mount=type=secret,id=nginx-crt,dst=/etc/ssl/nginx/nginx-repo.cert,mode=0644 \
+    --mount=type=secret,id=nginx-key,dst=/etc/ssl/nginx/nginx-repo.key,mode=0644 \
+    dnf -y install wget ca-certificates \
+    && wget -P /etc/yum.repos.d https://cs.nginx.com/static/files/dependencies.repo \
+    && wget -P /etc/yum.repos.d https://cs.nginx.com/static/files/${NGINX_PLUS_REPO} \
+    && echo "[app-protect-x-plus]" > /etc/yum.repos.d/app-protect-${UBI_VERSION}-x-plus.repo \
+    && echo "name=nginx-app-protect repo" >> /etc/yum.repos.d/app-protect-${UBI_VERSION}-x-plus.repo \
+    && echo "baseurl=https://pkgs.nginx.com/app-protect-x-plus/centos/${UBI_VERSION}/\$basearch/" >> /etc/yum.repos.d/app-protect-${UBI_VERSION}-x-plus.repo \
+    && echo "sslclientcert=/etc/ssl/nginx/nginx-repo.cert" >> /etc/yum.repos.d/app-protect-${UBI_VERSION}-x-plus.repo \
+    && echo "sslclientkey=/etc/ssl/nginx/nginx-repo.key" >> /etc/yum.repos.d/app-protect-${UBI_VERSION}-x-plus.repo \
+    && echo "gpgcheck=0" >> /etc/yum.repos.d/app-protect-${UBI_VERSION}-x-plus.repo \
+    && echo "enabled=1" >> /etc/yum.repos.d/app-protect-${UBI_VERSION}-x-plus.repo \
+    && dnf clean all \
+    && dnf install -y app-protect-module-plus \
+    && dnf clean all \
+    && rm -rf /var/cache/dnf \
+    && ln -sf /dev/stdout /var/log/nginx/access.log \
+    && ln -sf /dev/stderr /var/log/nginx/error.log
+
+# Expose port
+EXPOSE 80
+
+# Define stop signal
+STOPSIGNAL SIGQUIT
+
+# Set default command
+CMD ["nginx", "-g", "daemon off;"]
+```
+
+{{% /tab %}}
+
+{{< /tabs >}}
+
+## Build the Docker image
+
+Your folder should contain the following files:
+
+- _nginx-repo.cert_
+- _nginx-repo.key_
+- _nginx.conf_
+- _entrypoint.sh_
+- _Dockerfile_
+- _custom_log_format.json_ (Optional)
+
+To build an image, use the following command, replacing `<your-image-name>` as appropriate:
+
+```shell
+sudo docker build --no-cache --platform linux/amd64 --secret id=nginx-crt,src=nginx-repo.cert --secret id=nginx-key,src=nginx-repo.key -t <your-image-name> .
+```
+
+A RHEL-based system would use the following command instead:
+
+```shell
+podman build --no-cache --secret id=nginx-crt,src=nginx-repo.cert --secret id=nginx-key,src=nginx-repo.key -t <your-image-name> .
+```
+
+{{< call-out "note" >}}
+
+The `--no-cache` option is used to ensure the image is built from scratch, installing the latest versions of NGINX Plus and F5 WAF for NGINX.
+
+{{< /call-out >}}
+
+Verify that your image has been created using the `docker images` command:
+
+```shell
+docker images <your-image-name>
+```
+
+Create a container based on this image, replacing <your-container-name> as appropriate:
+
+```shell
+docker run --name <your-container-name> -p 80:80 -d <your-image-name>
+```
+
+Verify the new container is running using the `docker ps` command:
+
+```shell
+docker ps
+```
+
+## Update configuration files
+
+{{< include "waf/install-update-configuration.md" >}}
+
+## Configure Docker services
+
+{{< include "waf/install-services-docker.md" >}}
+
+### Configure Docker for the F5 Container Registry
+
+{{< include "waf/install-services-registry.md" >}}
+
+### Download Docker images
+
+{{< include "waf/install-services-images.md" >}}
+
+### Create and run a Docker Compose file
+
+{{< include "waf/install-services-compose.md" >}}
+
+## Post-installation checks
+
+{{< include "waf/install-post-checks.md" >}}
+
+## Next steps
+
+{{< include "waf/install-next-steps.md" >}}
\ No newline at end of file
diff --git a/content/waf/install/plus/kubernetes.md b/content/waf/install/plus/kubernetes.md
new file mode 100644
index 000000000..80465ce22
--- /dev/null
+++ b/content/waf/install/plus/kubernetes.md
@@ -0,0 +1,24 @@
+---
+# We use sentence case and present imperative tone
+title: "Kubernetes"
+# Weights are assigned in increments of 100: determines sorting order
+weight: 300
+# Creates a table of contents and sidebar, useful for large documents
+toc: false
+# Types have a 1:1 relationship with Hugo archetypes, so you shouldn't need to change this
+nd-content-type: how-to
+# Intended for internal catalogue and search, case sensitive:
+# Agent, N4Azure, NIC, NIM, NGF, NAP-DOS, NAP-WAF, NGINX One, NGINX+, Solutions, Unit
+nd-product: NAP-WAF
+---
+
+{{< call-out "warning" "Information architecture note" >}}
+
+The design intention for this page is to encapsulate the v5+ deployment methods, currently split between the following two pages:
+
+- [Deploy NGINX App Protect WAF with Helm]({{< ref "/nap-waf/v5/admin-guide/deploy-with-helm.md" >}})
+- [Deploy NGINX App Protect WAF with Manifests]({{< ref "/nap-waf/v5/admin-guide/deploy-with-manifests.md" >}})
+
+In execution it will probably remain two separate files: the warning banner on top of the page will explicitly indicate what version of NAP the instructions are intended for.
+
+{{</ call-out>}}
\ No newline at end of file
diff --git a/content/waf/install/plus/virtual-environment.md b/content/waf/install/plus/virtual-environment.md
new file mode 100644
index 000000000..83ad255fb
--- /dev/null
+++ b/content/waf/install/plus/virtual-environment.md
@@ -0,0 +1,388 @@
+---
+# We use sentence case and present imperative tone
+title: "Virtual environment"
+# Weights are assigned in increments of 100: determines sorting order
+weight: 100
+# Creates a table of contents and sidebar, useful for large documents
+toc: true
+# Types have a 1:1 relationship with Hugo archetypes, so you shouldn't need to change this
+nd-content-type: how-to
+# Intended for internal catalogue and search, case sensitive:
+# Agent, N4Azure, NIC, NIM, NGF, NAP-DOS, NAP-WAF, NGINX One, NGINX+, Solutions, Unit
+nd-product: NAP-WAF
+---
+
+{{< call-out "warning" "Information architecture note" >}}
+
+The disconnected/air-gapped installation use case has very similar steps.
+
+I'm identifying shared steps for it: depending on how large the steps might be, it might re-appear as a section on a page or have its own page.
+
+{{</ call-out>}}
+
+This page describes how to install F5 WAF for NGINX with NGINX Plus on a virtual machine or bare metal environment. 
+
+## Before you begin
+
+To complete this guide, you will need the following prerequisites:
+
+- An active F5 WAF for NGINX subscription (Purchased or trial)
+- A working [NGINX Plus installation]({{< ref "/nginx/admin-guide/installing-nginx/installing-nginx-plus.md" >}})
+
+You should read the [IP intelligence topic]({{< ref "/waf/policies/ip-intelligence.md" >}}) for additional set-up configuration if you want to use the feature immediately.
+
+To review supported operating systems, please read the [Technical specifications]({{< ref "/waf/fundamentals/technical-specifications.md" >}}) guide.
+
+{{< call-out "note" >}}
+
+To use a V5-based package, you will also need to install [Docker](https://docs.docker.com/get-started/get-docker/).
+
+{{< /call-out>}}
+
+## Platform-specific instructions
+
+Navigate to your chosen operating system, which are alphabetically ordered.
+
+The tabs are used to select steps specific to your F5 WAF for NGINX version.
+
+### Alpine Linux
+
+{{< tabs name="alpine-instructions" >}}
+
+{{% tab name="V4" %}}
+
+Add the F5 WAF for NGINX repository:
+
+```shell
+printf "https://pkgs.nginx.com/app-protect/alpine/v`egrep -o '^[0-9]+\.[0-9]+' /etc/alpine-release`/main\n" | sudo tee -a /etc/apk/repositories
+printf "https://pkgs.nginx.com/app-protect-security-updates/alpine/v`egrep -o '^[0-9]+\.[0-9]+' /etc/alpine-release`/main\n" | sudo tee -a /etc/apk/repositories
+```
+
+Update the repositories, then install the F5 WAF for NGINX package and its dependencies:
+
+```shell
+sudo apk update
+sudo apk add openssl ca-certificates app-protect
+```
+
+{{% /tab %}}
+
+{{% tab name="V5" %}}
+
+Add the F5 WAF for NGINX repository:
+
+```shell
+printf "https://pkgs.nginx.com/app-protect-x-plus/alpine/v`egrep -o '^[0-9]+\.[0-9]+' /etc/alpine-release`/main\n" | sudo tee -a /etc/apk/repositories
+```
+
+Update the repositories, then install the F5 WAF for NGINX package and its dependencies:
+
+```shell
+sudo apk update
+sudo apk add openssl ca-certificates app-protect-module-plus
+```
+
+{{% /tab %}}
+
+{{< /tabs >}}
+
+### Amazon Linux
+
+{{< tabs name="amazon-instructions" >}}
+
+{{% tab name="V4" %}}
+
+Add the F5 WAF for NGINX repository:
+
+```shell
+sudo wget -P /etc/yum.repos.d https://cs.nginx.com/static/files/app-protect-amazonlinux2023.repo
+```
+
+Add F5 WAF for NGINX dependencies:
+
+```shell
+sudo wget -P /etc/yum.repos.d https://cs.nginx.com/static/files/dependencies.amazonlinux2023.repo
+```
+
+Install the F5 WAF for NGINX package and its dependencies:
+
+```shell
+sudo dnf install app-protect
+```
+
+{{% /tab %}}
+
+{{% tab name="V5" %}}
+
+Create a file for the F5 WAF for NGINX repository:
+
+**/etc/yum.repos.d/app-protect-x-plus.repo**
+
+```shell
+[app-protect-x-plus]
+name=nginx-app-protect repo
+baseurl=https://pkgs.nginx.com/app-protect-x-plus/amzn/2023/$basearch/
+sslclientcert=/etc/ssl/nginx/nginx-repo.crt
+sslclientkey=/etc/ssl/nginx/nginx-repo.key
+gpgcheck=0
+enabled=1
+```
+
+Install the F5 WAF for NGINX package and its dependencies:
+
+```shell
+sudo dnf install app-protect-module-plus
+```
+
+{{% /tab %}}
+
+{{< /tabs >}}
+
+### Debian
+
+{{< tabs name="debian-instructions" >}}
+
+{{% tab name="V4" %}}
+
+Add the F5 WAF for NGINX repositories:
+
+```shell
+printf "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] \
+https://pkgs.nginx.com/app-protect/debian `lsb_release -cs` nginx-plus\n" | \
+sudo tee /etc/apt/sources.list.d/nginx-app-protect.list
+
+printf "deb [signed-by=/usr/share/keyrings/app-protect-security-updates.gpg] \
+https://pkgs.nginx.com/app-protect-security-updates/debian `lsb_release -cs` nginx-plus\n" | \
+sudo tee /etc/apt/sources.list.d/app-protect-security-updates.list
+```
+
+Update the repositories, then install the F5 WAF for NGINX package and its dependencies:
+
+```shell
+sudo apt-get update
+sudo apt-get install app-protect
+```
+
+{{% /tab %}}
+
+{{% tab name="V5" %}}
+
+Add the F5 WAF for NGINX repository:
+
+```shell
+printf "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] \
+https://pkgs.nginx.com/app-protect-x-plus/debian `lsb_release -cs` nginx-plus\n" | \
+sudo tee /etc/apt/sources.list.d/nginx-app-protect.list
+```
+
+Update the repositories, then install the F5 WAF for NGINX package and its dependencies:
+
+```shell
+sudo apt-get update
+sudo apt-get install app-protect-module-plus
+```
+
+{{% /tab %}}
+
+{{< /tabs >}}
+
+
+### Oracle Linux / RHEL / Rocky Linux 8
+
+{{< call-out "important" >}}
+
+These instructions apply to Oracle Linux 8.1, and RHEL / Rocky Linux 8.
+
+Their packages are identical due to their similar architecture.
+
+{{< /call-out>}}
+
+{{< tabs name="oracle-instructions" >}}
+
+{{% tab name="V4" %}}
+
+Add the F5 WAF for NGINX repository:
+
+```shell
+sudo wget -P /etc/yum.repos.d https://cs.nginx.com/static/files/app-protect-8.repo
+```
+
+Add F5 WAF for NGINX dependencies:
+
+```shell
+sudo wget -P /etc/yum.repos.d https://cs.nginx.com/static/files/dependencies.repo
+```
+
+Enable the _ol8_codeready_builder_ repository:
+
+```shell
+sudo dnf config-manager --set-enabled ol8_codeready_builder
+```
+
+Install the F5 WAF for NGINX package and its dependencies:
+
+```shell
+sudo dnf install app-protect
+```
+
+{{% /tab %}}
+
+{{% tab name="V5" %}}
+
+Create a file for the F5 WAF for NGINX repository:
+
+**/etc/yum.repos.d/app-protect-x-plus.repo**
+
+```shell
+[app-protect-x-plus]
+name=nginx-app-protect repo
+baseurl=https://pkgs.nginx.com/app-protect-x-plus/centos/8/$basearch/
+sslclientcert=/etc/ssl/nginx/nginx-repo.crt
+sslclientkey=/etc/ssl/nginx/nginx-repo.key
+gpgcheck=0
+enabled=1
+```
+
+Install the F5 WAF for NGINX package and its dependencies:
+
+```shell
+sudo dnf install app-protect-module-plus
+```
+
+{{% /tab %}}
+
+{{< /tabs >}}
+
+### Ubuntu
+
+{{< tabs name="ubuntu-instructions" >}}
+
+{{% tab name="V4" %}}
+
+Add the F5 WAF for NGINX repositories:
+
+```shell
+printf "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] \
+https://pkgs.nginx.com/app-protect/ubuntu `lsb_release -cs` nginx-plus\n" | \
+sudo tee /etc/apt/sources.list.d/nginx-app-protect.list
+
+printf "deb [signed-by=/usr/share/keyrings/app-protect-security-updates.gpg] \
+https://pkgs.nginx.com/app-protect-security-updates/ubuntu `lsb_release -cs` nginx-plus\n" | \
+sudo tee /etc/apt/sources.list.d/app-protect-security-updates.list
+```
+
+Update the repositories, then install the F5 WAF for NGINX package and its dependencies:
+
+```shell
+sudo apt-get update
+sudo apt-get install app-protect
+```
+
+{{% /tab %}}
+
+{{% tab name="V5" %}}
+
+Add the F5 WAF for NGINX repositories:
+
+```shell
+printf "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] \
+https://pkgs.nginx.com/app-protect-x-plus/ubuntu `lsb_release -cs` nginx-plus\n" | \
+sudo tee /etc/apt/sources.list.d/nginx-app-protect.list
+```
+
+Update the repository, then install the F5 WAF for NGINX package and its dependencies:
+
+```shell
+sudo apt-get update
+sudo apt-get install app-protect-module-plus
+```
+
+{{% /tab %}}
+
+{{< /tabs >}}
+
+### RHEL / Rocky Linux 9
+
+{{< tabs name="rhel-instructions" >}}
+
+{{% tab name="V4" %}}
+
+Add the F5 WAF for NGINX repository:
+
+```shell
+sudo wget -P /etc/yum.repos.d https://cs.nginx.com/static/files/app-protect-9.repo
+```
+
+Add F5 WAF for NGINX dependencies:
+
+```shell
+sudo wget -P /etc/yum.repos.d https://cs.nginx.com/static/files/dependencies.repo
+```
+
+Enable the _codeready-builder_ repository:
+
+```shell
+sudo subscription-manager repos --enable codeready-builder-for-rhel-9-x86_64-rpms
+```
+
+Install the F5 WAF for NGINX package and its dependencies:
+
+```shell
+sudo dnf install app-protect
+```
+
+{{% /tab %}}
+
+{{% tab name="V5" %}}
+
+Create a file for the F5 WAF for NGINX repository:
+
+**/etc/yum.repos.d/app-protect-x-plus.repo**
+
+```shell
+[app-protect-x-plus]
+name=nginx-app-protect repo
+baseurl=https://pkgs.nginx.com/app-protect-x-plus/centos/8/$basearch/
+sslclientcert=/etc/ssl/nginx/nginx-repo.crt
+sslclientkey=/etc/ssl/nginx/nginx-repo.key
+gpgcheck=0
+enabled=1
+```
+
+Install the F5 WAF for NGINX package and its dependencies:
+
+```shell
+sudo dnf install app-protect-module-plus
+```
+
+{{% /tab %}}
+
+{{< /tabs >}}
+
+## Update configuration files
+
+{{< include "waf/install-update-configuration.md" >}}
+
+## Configure Docker services
+
+{{< include "waf/install-services-docker.md" >}}
+
+### Configure Docker for the F5 Container Registry
+
+{{< include "waf/install-services-registry.md" >}}
+
+### Download Docker images
+
+{{< include "waf/install-services-images.md" >}}
+
+### Create and run a Docker Compose file
+
+{{< include "waf/install-services-compose.md" >}}
+
+## Post-installation checks
+
+{{< include "waf/install-post-checks.md" >}}
+
+## Next steps
+
+{{< include "waf/install-next-steps.md" >}}
\ No newline at end of file
diff --git a/content/waf/install/uninstall.md b/content/waf/install/uninstall.md
new file mode 100644
index 000000000..3c0d171e7
--- /dev/null
+++ b/content/waf/install/uninstall.md
@@ -0,0 +1,30 @@
+---
+# We use sentence case and present imperative tone
+title: "Uninstall F5 WAF for NGINX"
+# Weights are assigned in increments of 100: determines sorting order
+weight: 600
+# Creates a table of contents and sidebar, useful for large documents
+toc: false
+# Types have a 1:1 relationship with Hugo archetypes, so you shouldn't need to change this
+nd-content-type: how-to
+# Intended for internal catalogue and search, case sensitive:
+# Agent, N4Azure, NIC, NIM, NGF, NAP-DOS, NAP-WAF, NGINX One, NGINX+, Solutions, Unit
+nd-product: NAP-WAF
+---
+
+{{< call-out "warning" "Information architecture note" >}}
+
+The design intention for this page is as a standalone page for the operating system specific installation use cases:
+
+- [v4]({{< ref "/nap-waf/v4/admin-guide/install.md#uninstall-app-protect" >}})
+- [v5]({{< ref "/nap-waf/v5/admin-guide/install.md#uninstall-nginx-and-nginx-app-protect-waf-module" >}})
+
+Instead of having separate top level folders, differences between v4 and v5 will be denoted with whole page sections, tabs, or other unique signifiers.
+
+This reduces the amount of duplicate content, which makes maintainability much simpler and the text more uniform.
+
+With the full context of this section, the page is shorter, being concerned only with one specific method of installation.
+
+This makes it easier to link to specific instructions, and ensures that the customer sees only the critical information they need.
+
+{{</ call-out>}}
\ No newline at end of file
diff --git a/content/waf/install/upgrade.md b/content/waf/install/upgrade.md
new file mode 100644
index 000000000..d0e18d8fe
--- /dev/null
+++ b/content/waf/install/upgrade.md
@@ -0,0 +1,30 @@
+---
+# We use sentence case and present imperative tone
+title: "Upgrade F5 WAF for NGINX"
+# Weights are assigned in increments of 100: determines sorting order
+weight: 500
+# Creates a table of contents and sidebar, useful for large documents
+toc: false
+# Types have a 1:1 relationship with Hugo archetypes, so you shouldn't need to change this
+nd-content-type: how-to
+# Intended for internal catalogue and search, case sensitive:
+# Agent, N4Azure, NIC, NIM, NGF, NAP-DOS, NAP-WAF, NGINX One, NGINX+, Solutions, Unit
+nd-product: NAP-WAF
+---
+
+{{< call-out "warning" "Information architecture note" >}}
+
+The design intention for this page is as a standalone page for the operating system specific installation use cases:
+
+- [v4]({{< ref "/nap-waf/v4/admin-guide/install.md#upgrading-app-protect-to-the-latest-version" >}})
+- [v5]({{< ref "/nap-waf/v5/admin-guide/upgrade-nap-waf.md" >}})
+
+Instead of having separate top level folders, differences between v4 and v5 will be denoted with whole page sections, tabs, or other unique signifiers.
+
+This reduces the amount of duplicate content, which makes maintainability much simpler and the text more uniform.
+
+With the full context of this section, the page is shorter, being concerned only with one specific method of installation.
+
+This makes it easier to link to specific instructions, and ensures that the customer sees only the critical information they need.
+
+{{</ call-out>}}
\ No newline at end of file
diff --git a/content/waf/kubernetes/_index.md b/content/waf/kubernetes/_index.md
new file mode 100644
index 000000000..9ffa5b5a9
--- /dev/null
+++ b/content/waf/kubernetes/_index.md
@@ -0,0 +1,5 @@
+---
+title: "Kubernetes"
+url: /app-protect-waf/Kubernetes/
+weight: 300
+---
diff --git a/content/waf/kubernetes/build-nic.md b/content/waf/kubernetes/build-nic.md
new file mode 100644
index 000000000..36b094b38
--- /dev/null
+++ b/content/waf/kubernetes/build-nic.md
@@ -0,0 +1,23 @@
+---
+# We use sentence case and present imperative tone
+title: "Build F5 WAF with NGINX Ingress Controller"
+# Weights are assigned in increments of 100: determines sorting order
+weight: 200
+# Creates a table of contents and sidebar, useful for large documents
+toc: false
+# Types have a 1:1 relationship with Hugo archetypes, so you shouldn't need to change this
+nd-content-type: how-to
+# Intended for internal catalogue and search, case sensitive:
+# Agent, N4Azure, NIC, NIM, NGF, NAP-DOS, NAP-WAF, NGINX One, NGINX+, Solutions, Unit
+nd-product: NAP-WAF
+---
+
+{{< call-out "warning" "Information architecture note" >}}
+
+The design intention for this page is to migrate the [Build NGINX Ingress Controller with NGINX App Protect WAF]({{< ref "/nic/installation/integrations/app-protect-waf-v5/installation.md" >}}) page.
+
+As part of changing information architecture for the whole NGINX product portfolio, as much of the context for a specific product is kept within its own documentation set as possible.
+
+This reduces the amount of "hops" a customer must take across documentation sets, and improves maintainability by reducing the drift that occurs when re-documenting something in multiple places.
+
+{{</ call-out>}}
\ No newline at end of file
diff --git a/content/waf/kubernetes/configure-nic.md b/content/waf/kubernetes/configure-nic.md
new file mode 100644
index 000000000..40e973cba
--- /dev/null
+++ b/content/waf/kubernetes/configure-nic.md
@@ -0,0 +1,23 @@
+---
+# We use sentence case and present imperative tone
+title: "Configure F5 WAF with NGINX Ingress Controller"
+# Weights are assigned in increments of 100: determines sorting order
+weight: 300
+# Creates a table of contents and sidebar, useful for large documents
+toc: false
+# Types have a 1:1 relationship with Hugo archetypes, so you shouldn't need to change this
+nd-content-type: how-to
+# Intended for internal catalogue and search, case sensitive:
+# Agent, N4Azure, NIC, NIM, NGF, NAP-DOS, NAP-WAF, NGINX One, NGINX+, Solutions, Unit
+nd-product: NAP-WAF
+---
+
+{{< call-out "warning" "Information architecture note" >}}
+
+The design intention for this page is to migrate the [Configure NGINX App Protect with NGINX Ingress Controller]({{< ref "/nic/installation/integrations/app-protect-waf-v5/configuration.md" >}}) page.
+
+As part of changing information architecture for the whole NGINX product portfolio, as much of the context for a specific product is kept within its own documentation set as possible.
+
+This reduces the amount of "hops" a customer must take across documentation sets, and improves maintainability by reducing the drift that occurs when re-documenting something in multiple places.
+
+{{</ call-out>}}
diff --git a/content/waf/kubernetes/install-nic.md b/content/waf/kubernetes/install-nic.md
new file mode 100644
index 000000000..aa494bab5
--- /dev/null
+++ b/content/waf/kubernetes/install-nic.md
@@ -0,0 +1,23 @@
+---
+# We use sentence case and present imperative tone
+title: "Install F5 WAF and NGINX Ingress Controller with Docker and Helm"
+# Weights are assigned in increments of 100: determines sorting order
+weight: 100
+# Creates a table of contents and sidebar, useful for large documents
+toc: false
+# Types have a 1:1 relationship with Hugo archetypes, so you shouldn't need to change this
+nd-content-type: how-to
+# Intended for internal catalogue and search, case sensitive:
+# Agent, N4Azure, NIC, NIM, NGF, NAP-DOS, NAP-WAF, NGINX One, NGINX+, Solutions, Unit
+nd-product: NAP-WAF
+---
+
+{{< call-out "warning" "Information architecture note" >}}
+
+The design intention for this page is to migrate the [Install NGINX Ingress Controller and NGINX App Protect WAF with Docker and Helm]({{< ref "/nic/installation/installing-nic/deploy-with-nap-using-helm.md" >}}) page.
+
+As part of changing information architecture for the whole NGINX product portfolio, as much of the context for a specific product is kept within its own documentation set as possible.
+
+This reduces the amount of "hops" a customer must take across documentation sets, and improves maintainability by reducing the drift that occurs when re-documenting something in multiple places.
+
+{{</ call-out>}}
\ No newline at end of file
diff --git a/content/waf/kubernetes/nim-policy-compile.md b/content/waf/kubernetes/nim-policy-compile.md
new file mode 100644
index 000000000..841fc3867
--- /dev/null
+++ b/content/waf/kubernetes/nim-policy-compile.md
@@ -0,0 +1,23 @@
+---
+# We use sentence case and present imperative tone
+title: "Compile F5 WAF policies for NGINX Ingress Controller"
+# Weights are assigned in increments of 100: determines sorting order
+weight: 400
+# Creates a table of contents and sidebar, useful for large documents
+toc: false
+# Types have a 1:1 relationship with Hugo archetypes, so you shouldn't need to change this
+nd-content-type: how-to
+# Intended for internal catalogue and search, case sensitive:
+# Agent, N4Azure, NIC, NIM, NGF, NAP-DOS, NAP-WAF, NGINX One, NGINX+, Solutions, Unit
+nd-product: NAP-WAF
+---
+
+{{< call-out "warning" "Information architecture note" >}}
+
+The design intention for this page is to migrate the [Compile NGINX App Protect WAF policies using NGINX Instance Manager]({{< ref "/nic/installation/integrations/app-protect-waf-v5/compile-waf-policies.md" >}}) page.
+
+As part of changing information architecture for the whole NGINX product portfolio, as much of the context for a specific product is kept within its own documentation set as possible.
+
+This reduces the amount of "hops" a customer must take across documentation sets, and improves maintainability by reducing the drift that occurs when re-documenting something in multiple places.
+
+{{</ call-out>}}
\ No newline at end of file
diff --git a/content/waf/policies/_index.md b/content/waf/policies/_index.md
new file mode 100644
index 000000000..122cb2e1b
--- /dev/null
+++ b/content/waf/policies/_index.md
@@ -0,0 +1,5 @@
+---
+title: "Policies"
+url: /app-protect-waf/policies/
+weight: 500
+---
diff --git a/content/waf/policies/attack-signatures.md b/content/waf/policies/attack-signatures.md
new file mode 100644
index 000000000..5ab27655a
--- /dev/null
+++ b/content/waf/policies/attack-signatures.md
@@ -0,0 +1,277 @@
+---
+# We use sentence case and present imperative tone
+title: "Attack signatures"
+# Weights are assigned in increments of 100: determines sorting order
+weight: 300
+# Creates a table of contents and sidebar, useful for large documents
+toc: true
+# Types have a 1:1 relationship with Hugo archetypes, so you shouldn't need to change this
+nd-content-type: reference
+# Intended for internal catalogue and search, case sensitive:
+# Agent, N4Azure, NIC, NIM, NGF, NAP-DOS, NAP-WAF, NGINX One, NGINX+, Solutions, Unit
+nd-product: NAP-WAF
+---
+
+Attack signatures are rules or patterns that identify attack sequences or classes of attacks on a web application and its components. You can apply attack signatures to both requests and responses. F5 WAF for NGINX includes predefined attack signatures to protect your application against all attack types identified by the system.
+
+As new attack signatures are identified, they will become available for download and installation so that your system will always have the most up-to-date protection. 
+
+You can update the attack signatures without updating F5 WAF for NGINX, and conversely, you can update F5 WAF for NGINX without changing the attack signature package, unless you upgrade to a new NGINX Plus release.
+
+## Signature settings
+
+| Setting | JSON property | F5 WAF for NGINX support | Default value |
+| --------| ------------- | ------------------------ | ------------- |
+| Signature sets | signature-sets | All available sets. | See signature set list below |
+| Signatures | signatures | "Enabled" flag can be modified. | All signatures in the included sets are enabled. |
+| Auto-Added signature accuracy | minimumAccuracyForAutoAddedSignatures | Editable | Medium |
+
+## Signature sets
+
+The default and strict policies include and enable common signature sets, which are categorized groups of [signatures](#attack-signatures-overview) applied to the policy. However, you may wish to modify the list of signature sets and their logging and enforcement settings via the `signature-sets` array property. There are several ways to configure the enforced signature sets.
+
+One way is by use of the `All Signatures` signature set, which is simply a predefined signature set that includes all signatures known to NGINX App Protect WAF.
+
+In this example, the `All Signatures` set (and therefore the signatures included within) are configured to be enforced and logged respectively, by setting their `block` and `alarm` properties:
+
+```json
+{
+    "policy": {
+        "name": "attack_sigs",
+        "template": { "name": "POLICY_TEMPLATE_NGINX_BASE" },
+        "applicationLanguage": "utf-8",
+        "enforcementMode": "blocking",
+        "signature-sets": [
+            {
+                 "name": "All Signatures",
+                 "block": true,
+                 "alarm": true
+            }
+        ]
+    }
+}
+```
+
+In this example, only high accuracy signatures are configured to be enforced, but SQL Injection signatures are detected and reported:
+
+```json
+{
+    "policy": {
+        "name": "attack_sigs",
+        "template": {
+            "name": "POLICY_TEMPLATE_NGINX_BASE"
+        },
+        "applicationLanguage": "utf-8",
+        "enforcementMode": "blocking",
+        "signature-sets": [
+            {
+                "name": "High Accuracy Signatures",
+                "block": true,
+                "alarm": true
+            },
+            {
+                "name": "SQL Injection Signatures",
+                "block": false,
+                "alarm": true
+            }
+        ]
+    }
+}
+```
+
+Since the "All Signatures" set is not included in the default policy, turning OFF both alarm and block has no effect because all the other sets with alarm turned ON (and high accuracy signatures with block enabled) are still in place and a signature that is a member of multiple sets behaves in accordance with the strict settings of all sets it belongs to. The only way to remove signature sets is to remove or disable sets that are part of the [default policy](#signature-sets-in-default-policy).
+
+For example, in the below default policy, even though All Signature's Alarm/Block settings are set to false, we cannot ignore all attack signatures enforcement as some of the signature sets will be enabled in their strict policy. If the end users want to remove a specific signature set then they must explicitly mention it under the [strict policy](#the-strict-policy).
+
+```json
+{
+    "policy": {
+        "name": "signatures_block",
+        "template": {
+            "name": "POLICY_TEMPLATE_NGINX_BASE"
+        },
+        "applicationLanguage": "utf-8",
+        "caseInsensitive": false,
+        "enforcementMode": "blocking",
+        "signature-sets": [
+            {
+                "name": "Generic Detection Signatures (High/Medium Accuracy)",
+                "block": false,
+                "alarm": false
+            },
+            {
+                "name": "All Signatures",
+                "block": false,
+                "alarm": false
+            }
+        ]
+    }
+}
+```
+
+A signature may belong to more than one set in the policy. Its behavior is determined by the most severe action across all the sets that contain it. In the above example, a high accuracy SQL injection signature will both alarm and block, because the `High Accuracy Signatures` set is blocking and both sets trigger alarm.
+
+The default policy already includes many signature sets, most of which are determined by the attack type these signatures protect from, for example `Cross-Site Scripting Signatures` or `SQL Injection Signatures`. See [the full list](#signature-sets-in-default-policy) above. In some cases you may want to exclude individual signatures.
+
+In this example, signature ID 200001834 is excluded from enforcement:
+
+```json
+{
+    "policy": {
+        "name": "signature_exclude",
+        "template": { "name": "POLICY_TEMPLATE_NGINX_BASE" },
+        "applicationLanguage": "utf-8",
+        "enforcementMode": "blocking",
+        "signature-sets": [
+            {
+                 "name": "All Signatures",
+                 "block": true,
+                 "alarm": true
+            }
+        ],
+        "signatures": [
+            {
+                 "signatureId": 200001834,
+                 "enabled": false
+            }
+        ]
+    }
+}
+```
+
+Another way to exclude signature ID 200001834 is by using the `modifications` section instead of the `signatures` section used in the example above:
+
+```json
+{
+    "policy": {
+        "name": "signature_modification_entitytype",
+        "template": { "name": "POLICY_TEMPLATE_NGINX_BASE" },
+        "applicationLanguage": "utf-8",
+        "enforcementMode": "blocking",
+        "signature-sets": [
+            {
+                 "name": "All Signatures",
+                 "block": true,
+                 "alarm": true
+            }
+        ]
+    },
+    "modifications": [
+        {
+            "entityChanges": {
+                "enabled": false
+            },
+            "entity": {
+                "signatureId": 200001834
+            },
+            "entityType": "signature",
+            "action": "add-or-update"
+        }
+    ]
+}
+```
+
+To exclude multiple attack signatures, each signature ID needs to be added as a separate entity under the `modifications` list:
+
+```json
+{
+    "modifications": [
+        {
+            "entityChanges": {
+                "enabled": false
+            },
+            "entity": {
+                "signatureId": 200001834
+            },
+            "entityType": "signature",
+            "action": "add-or-update"
+        },
+        {
+            "entityChanges": {
+                "enabled": false
+            },
+            "entity": {
+                "signatureId": 200004461
+            },
+            "entityType": "signature",
+            "action": "add-or-update"
+        }
+    ]
+}
+```
+
+In the above examples, the signatures were disabled for all the requests that are inspected by the respective policy. You can also exclude signatures for specific URLs or parameters, while still enable them for the other URLs and parameters. See the sections on [User-Defined URLs](#user-defined-urls) and [User-Defined Parameters](#user-defined-parameters) for details.
+
+In some cases, you may want to remove a whole signature set that was included in the default policy. For example, suppose your protected application does not use XML and hence is not exposed to XPath injection. You would like to remove the set `XPath Injection Signatures`. There are two ways to do that. The first is to set the `alarm` and `block` flags to `false` for this signature set overriding the settings in the base template:
+
+```json
+{
+    "policy": {
+        "name": "no_xpath_policy",
+        "template": { "name": "POLICY_TEMPLATE_NGINX_BASE" },
+        "signature-sets": [
+            {
+                 "name": "XPath Injection Signatures",
+                 "block": false,
+                 "alarm": false
+            }
+        ]
+    }
+}
+```
+
+The second way is to remove this set totally from the policy using the `$action` meta-property.
+
+```json
+{
+    "policy": {
+        "name": "no_xpath_policy",
+        "template": { "name": "POLICY_TEMPLATE_NGINX_BASE" },
+        "signature-sets": [
+            {
+                 "name": "XPath Injection Signatures",
+                 "$action": "delete"
+            }
+        ]
+    }
+}
+```
+
+Although the two methods are functionally equivalent, the second one is preferable for performance reasons.
+
+The following signature sets are included in the default policy. Most of the sets are defined by the Attack Type they protect from. In all sets the **Alarm** flag is enabled and **Block** disabled except High Accuracy Signatures, which are set to **blocked** (`block` parameter is enabled).
+
+- Command Execution Signatures
+- Cross Site Scripting Signatures
+- Directory Indexing Signatures
+- Information Leakage Signatures
+- OS Command Injection Signatures
+- Path Traversal Signatures
+- Predictable Resource Location Signatures
+- Remote File Include Signatures
+- SQL Injection Signatures
+- Authentication/Authorization Attack Signatures
+- XML External Entities (XXE) Signatures
+- XPath Injection Signatures
+- Buffer Overflow Signatures
+- Denial of Service Signatures
+- Vulnerability Scan Signatures
+- High Accuracy Signatures
+- Server Side Code Injection Signatures
+- CVE Signatures
+
+These signatures sets are included but are not part of the default template.
+
+-   All Response Signatures
+-   All Signatures
+-   Generic Detection Signatures
+-   Generic Detection Signatures (High Accuracy)
+-   Generic Detection Signatures (High/Medium Accuracy)
+-   High Accuracy Signatures
+-   Low Accuracy Signatures
+-   Medium Accuracy Signatures
+-   OWA Signatures
+-   WebSphere signatures
+-   HTTP Response Splitting Signatures
+-   Other Application Attacks Signatures
+-   High Accuracy Detection Evasion Signatures
\ No newline at end of file
diff --git a/content/waf/policies/configuration.md b/content/waf/policies/configuration.md
new file mode 100644
index 000000000..8efc9b7d3
--- /dev/null
+++ b/content/waf/policies/configuration.md
@@ -0,0 +1,384 @@
+---
+# We use sentence case and present imperative tone
+title: "Configure policies"
+# Weights are assigned in increments of 100: determines sorting order
+weight: 100
+# Creates a table of contents and sidebar, useful for large documents
+toc: true
+# Types have a 1:1 relationship with Hugo archetypes, so you shouldn't need to change this
+nd-content-type: how-to
+# Intended for internal catalogue and search, case sensitive:
+# Agent, N4Azure, NIC, NIM, NGF, NAP-DOS, NAP-WAF, NGINX One, NGINX+, Solutions, Unit
+nd-product: NAP-WAF
+---
+
+{{< call-out "warning" "Information architecture note" >}}
+
+The design intention for this page is to as a single source of truth to replace the two [Configuration]({{< ref "/nap-waf/v4/configuration-guide/configuration.md" >}}) [Guides]({{< ref "/nap-waf/v5/configuration-guide/configuration.md" >}}) (two separate links).
+
+Outside of the overlapping information for Policy configuration, the existing pages also include general configuration information, such as for F5 WAF for NGINX itself. This detail can be added to a separate page, ensuring that each document acts as a solution for exactly one problem at a time.
+
+{{</ call-out >}}
+
+This page describes the security features available with F5 WAF for NGINX and how to configure policies. 
+
+For better understanding of some contextual nouns, read the [Terminology]({{< ref "/waf/fundamentals/terminology.md" >}}) topic.
+
+## General configuration
+
+F5 WAF for NGINX ships with two reference policies, both with a default enforcement mode set to Blocking:
+
+- The **default** policy which is identical to the base template and provides OWASP Top 10 and Bot security protection out of the box.
+- The **strict** policy contains more restrictive criteria for blocking traffic than the default policy. It is meant to be used for protecting sensitive applications that require more security but with higher risk of false positives.
+
+You can use these policies as-is, but they are often the starting points for customizations according to the needs of the applications F5 WAF NGINX protects.
+
+### Configuration overview
+
+The F5 WAF for NGINX security policy configuration uses a declarative format based on a pre-defined base template. 
+
+The policy is represented in a JSON file which you can edit to add, modify and remove security capabilities in reference to the base template. 
+
+The way the policy is integrated into the NGINX configuration is through referencing the JSON file (Using the full path) in the `nginx.conf` file.
+
+{{< call-out "note" >}}
+
+F5 WAF for NGINX provides a [JSON Schema](https://json-schema.org/) which can be used to validate a JSON policy file for format compliance. 
+
+The schema file can be generated using a script once F5 WAF for NGINX is installed: `sudo /opt/app_protect/bin/generate_json_schema.pl`. 
+
+This script will output the schema to a file named `policy.json` into the current working directory. Once the schema file is generated, you can use validation tools such as [AJV](https://ajv.js.org/standalone.html) to validate a JSON policy file.
+
+This schema is used for the [Policy parameter reference]({{< ref "/waf/policies/parameter-reference.md" >}}).
+
+{{< /call-out >}}
+
+In the following example, the NGINX configuration file with F5 WAF for NGINX is enabled in the HTTP context and the policy _/etc/app_protect/conf/NginxDefaultPolicy.json_ is used:
+
+```nginx
+user nginx;
+worker_processes  4;
+
+load_module modules/ngx_http_app_protect_module.so;
+
+error_log /var/log/nginx/error.log debug;
+
+events {
+    worker_connections  65536;
+}
+
+http {
+    include       /etc/nginx/mime.types;
+    default_type  application/octet-stream;
+    sendfile        on;
+    keepalive_timeout  65;
+
+    app_protect_enable on; # This is how you enable F5 WAF for NGINX in the relevant context/block
+    app_protect_policy_file "/etc/app_protect/conf/NginxDefaultPolicy.json"; # This refers to which policy file to use, which falls back to the default policy
+    app_protect_security_log_enable on; # This section enables logging
+    app_protect_security_log "/etc/app_protect/conf/log_default.json" syslog:server=127.0.0.1:514; # This is where the remote logger is defined in terms of: logging options (defined in the referenced file), log server IP, log server port
+
+    server {
+        listen       80;
+        server_name  localhost;
+        proxy_http_version 1.1;
+
+        location / {
+            client_max_body_size 0;
+            default_type text/html;
+            proxy_pass http://172.29.38.211:80$request_uri;
+        }
+    }
+}
+```
+
+### Base template
+
+The base template is the common starting point for any policy you write.
+
+The default policy reflects the base template without any further modifications, so the terms _base template_ and _default policy_ are used interchangeably. 
+
+The default policy appears as follows:
+
+```json
+{
+    "policy" : {
+        "name": "app_protect_default_policy",
+        "template": { "name": "POLICY_TEMPLATE_NGINX_BASE" }
+    }
+}
+```
+
+The default policy enforces violations by **Violation Rating**, the F5 WAF for NGINX computed assessment of the risk of the request based on the triggered violations.
+
+- 0: No violation
+- 1-2: False positive
+- 3: Needs examination
+- 4-5: Threat
+
+The default policy enables most of the violations and signature sets with Alarm turned **ON**, but not **Block**. 
+
+These violations and signatures, when detected in a request, affect the violation rating. By default, if the violation rating is calculated to be malicious (4-5) the request will be blocked by the `VIOL_RATING_THREAT` violation. 
+
+This is true even if the other violations and signatures detected in that request have the Block flag turned OFF. It is the `VIOL_RATING_THREAT` violation having the Block flag turned ON that caused the blocking, but indirectly the combination of all the other violations and signatures in Alarm caused the request to be blocked. 
+
+By default, other requests which have a lower violation rating are not blocked, except for some specific violations described below. This is to minimize false positives. However, you can change the default behavior. 
+
+For example, if you want to add blocking on a violation rating of 3 as well, enable blocking for the `VIOL_RATING_NEED_EXAMINATION` violation.
+
+The following violations and signature sets have a low chance of being false positives and are, therefore, configured by default to block the request regardless of its Violation Rating:
+- High accuracy attack signatures
+- Threat campaigns
+- Malformed request: unparsable header, malformed cookie and malformed body (JSON or XML).
+
+### Default policy
+
+F5 WAF for NGINX offers prebuilt bundles for security policies:
+
+- _app_protect_default_policy_
+- _app_protect_strict_policy_
+
+{{< call-out "important" >}}
+
+You cannot mix these prebuilt bundles with custom policy bundles within the same `nginx.conf` file.
+
+{{< /call-out >}}
+
+Example:
+
+```nginx
+    ...
+    location / {
+
+        # F5 WAF for NGINX
+        app_protect_enable on;
+        app_protect_policy_file app_protect_strict_policy;
+        app_protect_security_log_enable on;
+        app_protect_security_log log_all stderr;
+
+        proxy_pass http://127.0.0.1:8080/;
+    }
+```
+
+#### Updating default policy bundles
+
+{{< call-out "note" >}}
+
+This section assumes that you have built a [compiler image]({{< ref "/waf/tools/compiler.md" >}}) named `waf-compiler-1.0.0:custom`.
+
+{{< /call-out >}}
+
+To generate versions of the default policies that include the latest security updates, use the `-factory-policy` option instead of a source policy file.
+
+For instance, to create an updated version of the `app_protect_default_policy`, use the following command:
+
+```shell
+docker run \
+ -v $(pwd):$(pwd) \
+ waf-compiler-1.0.0:custom \
+ -factory-policy default -o $(pwd)/new_default_policy.tgz
+```
+
+To create an updated version of the `app_protect_strict_policy`, use:
+
+```shell
+docker run \
+ -v $(pwd):$(pwd) \
+ waf-compiler-1.0.0:custom \
+ -factory-policy strict -o $(pwd)/new_strict_policy.tgz
+```
+
+After creating the updated version of a policy, reference it in the `nginx.conf` file:
+
+```nginx
+app_protect_policy_file /policies_mount/new_default_policy.tgz;
+```
+
+### Strict policy
+
+The strict policy is recommended as a starting point for applications requiring a higher level of security. 
+
+Similar to policies, it is customized from the base template, so it detects and blocks everything the default policy does.
+
+To obtain the strict policy, execute the following command:
+
+```shell
+sudo docker run --rm -v $(pwd):$(pwd) --entrypoint='' private-registry.nginx.com/nap/waf-compiler:1.0.0 cat /etc/app_protect/conf/NginxStrictPolicy.json
+```
+
+Replace the `1.0.0` with the actual release version.
+
+In addition the strict policy also **blocks** the following:
+
+- Requests that have a Violation Rating of 3, "Needs examination". This occurs because the `VIOL_RATING_NEED_EXAMINATION` violation's block flag is enabled in the strict policy.
+- Requests with the `VIOL_EVASION` violation (evasion techniques).
+- Requests with violations that restrict options in the request and response: HTTP method, response status code and disallowed file types.
+
+{{< call-out "note" >}} 
+
+Other violations, specifically attack signatures and metacharacters, which are more prone to false positives, still have only Alarm turned on, without blocking, contributing to the Violation Rating as in the Default policy.
+
+{{< /call-out >}}
+
+In addition, the Strict policy also enables the following features in **alarm only** mode:
+
+- **Data Guard**: masking Credit Card Number (CCN), US Social Security Number (SSN) and custom patterns found in HTTP responses.
+- **HTTP response data leakage signatures**: preventing exfiltration of sensitive information from the servers.
+- **More restrictive limitations**: mainly sizing and parsing of JSON and XML payloads.
+- **Cookie attribute insertion**: the Strict policy adds the **Secure** and **SameSite=lax** attributes to every cookie set by the application server. These attributes are enforced by the browsers and protect against session hijacking and CSRF attacks respectively.
+
+## Policy authoring and tuning
+
+The policy JSON file specifies the settings that are different from the base template, such as enabling more signatures, disabling some violations, adding server technologies, etc. These will be shown in the next sections.
+
+There are two ways to tune those settings:
+- Within the `policy` structure property, the organic structure of the policy.
+- Within the `modifications` structure property that contains a list of changes expressed in a generic manner.
+
+Both options are equivalent in their semantic expression power, but different syntactically and are designated for different use cases. But before that, let's look at an example - disabling a specific attack signature.
+
+Signature 200001834 disabled in the `policy` property:
+
+```json
+{
+    "policy": {
+        "name": "signature_exclude_1",
+        "signatures": [
+            {
+                "signatureId": 200001834,
+                "enabled": false
+            }
+        ]
+    }
+}
+```
+
+As you can see, this is expressed using the `signatures` property that contains configuration of individual signatures in a policy. If you want to modify other parts of the policy, you would use different JSON properties.
+
+The same configuration in the `modifications` array looks like this:
+
+```json
+{
+    "policy": {
+        "name": "signature_exclude_2"
+    },
+    "modifications": [
+        {
+            "entityChanges": {
+                "enabled": false
+            },
+            "entity": {
+                "signatureId": 200001834
+            },
+            "entityType": "signature",
+            "action": "add-or-update"
+        }
+    ]
+}
+```
+
+Note the generic schema that can express manipulation in any policy element: `entity`, `entityType`, `action` etc. The `modifications` array is a flat list of individual changes applied to the policy after evaluating the `policy` block.
+
+So when to use `policy` and when to use `modifications`? There are some recommended practice guidelines for that:
+- Use `policy` to express the security policy as you intended it to be: the features you want to enable, disable, the signature sets, server technologies and other related configuration attributes. This part of the policy is usually determined when the application is deployed and changes at a relatively slow pace.
+- Use `modifications` to express **exceptions** to the intended policy. These exceptions are usually the result of fixing false positive incidents and failures in tests applied to those policies. Usually these are granular modifications, typically disabling checks of individual signatures, metacharacters and sub-violations. These changes are more frequent.
+- Use `modifications` also for **removing** individual collection elements from the base template, for example disallowed file types.
+
+It is a good practice to separate the `modifications` to a different file and have the main policy file reference the former, as the two parts have different lifecycles.
+
+The sections just below review the common policy feature configurations using examples. For the full reference of the `policy` JSON properties see the Declarative Policy guide.
+
+### Policy enforcement modes
+
+A policy's enforcement mode can be:
+
+- **Blocking:** Any illegal or suspicious requests are logged and blocked.  This is the default enforcement mode for the default policy and any added policy unless changed to Transparent.
+- **Transparent:** Any illegal or suspicious requests are logged but not blocked.
+
+Individual security features can be defined as blocked or transparent in the policy. Here are examples of both:
+
+{{< tabs name="enforcement-modes">}}
+
+{{% tab name="Blocking" %}}
+
+```json
+{
+    "policy": {
+        "name": "policy_name",
+        "template": { "name": "POLICY_TEMPLATE_NGINX_BASE" },
+        "applicationLanguage": "utf-8",
+        "enforcementMode": "blocking"
+    }
+}
+```
+
+{{% /tab %}}
+
+{{% tab name="Transparent" %}}
+
+```json
+{
+    "policy": {
+        "name": "policy_name",
+        "template": { "name": "POLICY_TEMPLATE_NGINX_BASE" },
+        "applicationLanguage": "utf-8",
+        "enforcementMode": "transparent"
+    }
+}
+```
+
+{{% /tab %}}
+
+{{< /tabs >}}
+
+### Enabling violations
+
+Adding and enabling additional security features to the policy can be done by specifying the violation name and the `alarm` block state to `true`. 
+
+To set different states for sub-violations within the violation, enable the violation first, then specifying and configure the sub-violations. 
+
+A violation may have its own section that provides additional configuration granularity for a specific violation/sub-violation.
+
+{{< call-out "note" >}}
+
+The attack signature violation `VIOL_ATTACK_SIGNATURE` cannot be configured.
+
+It is determined by the combination of the [signature sets]({{< ref "/waf/policies/attack-signatures.md#signature-sets ">}}) on the policy.
+
+{{< /call-out >}}
+
+In this example, we enable a violation and a sub-violation: `VIOL_JSON_FORMAT` and `VIOL_PARAMETER_VALUE_METACHAR`.
+
+The example defines the blocking and alarm setting for each violation.  These settings override the default configuration set above in the `enforcementMode` directive.  
+
+Be aware, however, that in a transparent policy no violations are blocked, even if specific violations are set to `block: true` in the configuration.
+
+```json
+{
+    "policy": {
+        "name": "policy_name",
+        "template": { "name": "POLICY_TEMPLATE_NGINX_BASE" },
+        "applicationLanguage": "utf-8",
+        "enforcementMode": "blocking",
+        "blocking-settings": {
+            "violations": [
+                {
+                    "name": "VIOL_JSON_FORMAT",
+                    "alarm": true,
+                    "block": true
+                },
+                {
+                    "name": "VIOL_PARAMETER_VALUE_METACHAR",
+                    "alarm": false,
+                    "block": false
+                }
+            ]
+        }
+    }
+}
+```
+
+
+## Supported security policy features
+
+{{< include "waf/supported-policy-features.md" >}}
\ No newline at end of file
diff --git a/content/waf/policies/ip-intelligence.md b/content/waf/policies/ip-intelligence.md
new file mode 100644
index 000000000..cb3e84c6c
--- /dev/null
+++ b/content/waf/policies/ip-intelligence.md
@@ -0,0 +1,269 @@
+---
+# We use sentence case and present imperative tone
+title: "IP intelligence"
+# Weights are assigned in increments of 100: determines sorting order
+weight: 400
+# Creates a table of contents and sidebar, useful for large documents
+toc: true
+# Types have a 1:1 relationship with Hugo archetypes, so you shouldn't need to change this
+nd-content-type: reference
+# Intended for internal catalogue and search, case sensitive:
+# Agent, N4Azure, NIC, NIM, NGF, NAP-DOS, NAP-WAF, NGINX One, NGINX+, Solutions, Unit
+nd-product: NAP-WAF
+---
+
+F5 WAF for NGINX has an IP intelligence feature which allows you to customize enforcement based on the source IP address of a request. This allows you to limit access from specific IP addresses. 
+
+It is _**disabled** by default_, requiring extra steps to enable and configure.
+
+## Enable IP intelligence
+
+### Before you begin
+
+To complete this guide, you will need the following prerequisites:
+
+- The host must have an active internet connection and working DNS
+- The host must be able to access `vector.brightcloud.com` over port 443
+- The host must be configured properly if connecting through a forward proxy server
+
+A proxy server can be configured in the file `/etc/app_protect/tools/iprepd.cfg`:
+
+```shell
+EnableProxy=True 
+ProxyHost=5.1.2.4
+ProxyPort=8080
+ProxyUsername=admin        # Optional
+ProxyPassword=admin        # Optional
+CACertPath=/etc/ssl/certs/ca-certificates.crt  # Optional`
+```
+
+After saving the changes, restart the client to apply the new settings:
+
+```shell
+/opt/app_protect/bin/iprepd /etc/app_protect/tools/iprepd.cfg > ipi.log 2>&1 &
+```
+
+### Install virtual machine packages
+
+{{< call-out "warning" >}}
+
+This section **only** applies to V4 packages.
+
+{{< /call-out >}}
+
+To enable IP intelligence on a virtual machine or bare metal installation, you must install an extra package. You can install the extra package during or after set-up.
+
+Review the [virtual machine installation instructions]({{< ref "/waf/install/plus/virtual-environment.md" >}}) for information on how to use the package manager for a specific operating system.
+
+| Operating system                    | Package name                  |
+| ----------------------------------- | ----------------------------- |
+| Alpine Linux                        | _app-protect-ip-intelligence_ |
+| Amazon Linux                        | _app-protect-ip-intelligence_ |
+| Debian                              | _app-protect-ip-intelligence_ |
+| Oracle Linux / RHEL / Rocky Linux 8 | _app-protect-ip-intelligence_ |
+| Ubuntu                              | _app-protect-ip-intelligence_ |
+| RHEL / Rocky Linux 9                | _app-protect-ip-intelligence_ |
+
+After installing the package, run the client:
+
+```shell
+/opt/app_protect/bin/iprepd /etc/app_protect/tools/iprepd.cfg > ipi.log 2>&1 &
+```
+
+Then verify the client is populating the database:
+
+```shell
+tail -f iprepd.log
+```
+
+Once complete, you can now [Configure policies for IP intelligence](#configure-policies-for-ip-intelligence).
+
+### Modify Docker compose file
+
+{{< call-out "warning" >}}
+
+This section **only** applies to V5 packages.
+
+{{< /call-out >}}
+
+IP intelligence has its own Docker container when using a V5 package.
+
+You can add it to the deployment in your Docker Compose file.
+
+First, create the required directory:
+
+```shell
+sudo mkdir -p /var/IpRep
+```
+
+Then set correct ownership of the directory:
+
+```shell
+sudo chown -R 101:101 /var/IpRep
+```
+
+Modify the _original docker-compose.yml_ file to include the IP intelligence container, replacing image tags as appropriate:
+
+```
+services:
+  waf-enforcer:
+    container_name: waf-enforcer
+    image: waf-enforcer:5.7.0
+    environment:
+      - ENFORCER_PORT=50000
+    ports:
+      - "50000:50000"
+    volumes:
+      - /opt/app_protect/bd_config:/opt/app_protect/bd_config
+    networks:
+      - waf_network
+    restart: always
+    depends_on:
+      - waf-ip-intelligence
+
+  waf-config-mgr:
+    container_name: waf-config-mgr
+    image: waf-config-mgr:5.7.0
+    volumes:
+      - /opt/app_protect/bd_config:/opt/app_protect/bd_config
+      - /opt/app_protect/config:/opt/app_protect/config
+      - /etc/app_protect/conf:/etc/app_protect/conf
+    restart: always
+    network_mode: none
+    depends_on:
+      waf-enforcer:
+        condition: service_started
+
+   waf-ip-intelligence:
+    container_name: waf-ip-intelligence
+    image: waf-ip-intelligence:5.7.0
+    volumes:
+      - /var/IpRep:/var/IpRep
+    networks:
+      - waf_network
+    restart: always
+
+networks:
+  waf_network:
+    driver: bridge
+```
+
+Once complete, you can now [Configure policies for IP intelligence](#configure-policies-for-ip-intelligence).
+
+## Configure policies for IP intelligence
+
+Once the requirements for IP intelligence have been installed, you can enable it in two sections of your policy:
+
+1. In the violation list, assigning block and alarm values (`"name": "VIOL_MALICIOUS_IP"`)
+1. In a new IP intelligence section, defining actions for each category (`"ip-intelligence": {"enabled": true}`)
+
+The following policy shows examples of both, with all IP intelligence categories configure to _block_ and _alarm_:
+
+```json
+{
+    "policy": {
+        "name": "ip_intelligency_policy",
+        "template": {
+            "name": "POLICY_TEMPLATE_NGINX_BASE"
+        },
+        "applicationLanguage": "utf-8",
+        "caseInsensitive": false,
+        "enforcementMode": "blocking",
+        "blocking-settings": {
+            "violations": [
+                {
+                    "name": "VIOL_MALICIOUS_IP",
+                    "alarm": true,
+                    "block": true
+                }
+            ]
+        },
+        "ip-intelligence": {
+            "enabled": true,
+            "ipIntelligenceCategories": [
+                {
+                    "category": "Anonymous Proxy",
+                    "alarm": true,
+                    "block": true
+                },
+                {
+                    "category": "BotNets",
+                    "alarm": true,
+                    "block": true
+                },
+                {
+                    "category": "Cloud-based Services",
+                    "alarm": true,
+                    "block": true
+                },
+                {
+                    "category": "Denial of Service",
+                    "alarm": true,
+                    "block": true
+                },
+                {
+                    "category": "Infected Sources",
+                    "alarm": true,
+                    "block": true
+                },
+                {
+                    "category": "Mobile Threats",
+                    "alarm": true,
+                    "block": true
+                },
+                {
+                    "category": "Phishing Proxies",
+                    "alarm": true,
+                    "block": true
+                },
+                {
+                    "category": "Scanners",
+                    "alarm": true,
+                    "block": true
+                },
+                {
+                    "category": "Spam Sources",
+                    "alarm": true,
+                    "block": true
+                },
+                {
+                    "category": "Tor Proxies",
+                    "alarm": true,
+                    "block": true
+                },
+                {
+                    "category": "Web Attacks",
+                    "alarm": true,
+                    "block": true
+                },
+                {
+                    "category": "Windows Exploits",
+                    "alarm": true,
+                    "block": true
+                }
+            ]
+        }
+    }
+}
+```
+
+This policy will block  all IP addresses that are part of any threat category (`"block": true`) and add a log entry (`"alarm": true`) for the transaction.
+
+The IP address database is managed by an external provider and is constantly updated (every 1 minute by default). 
+
+The database categorizes IP addresses into one or more threat categories. These are the same categories that can be configured individually in the IP intelligence section:
+
+- Anonymous Proxy
+- BotNets
+- Cloud-based Services
+- Denial of Service
+- Infected Sources
+- Mobile Threats
+- Phishing Proxies
+- Scanners
+- Spam Sources
+- Tor Proxies
+- Web Attacks
+- Windows Exploits
+
+Since the IP address database is constantly updated, their enforcement may also change. Addresses may be added, removed, or moved from one category to another based on their reported activity.
\ No newline at end of file
diff --git a/content/waf/policies/parameter-reference.md b/content/waf/policies/parameter-reference.md
new file mode 100644
index 000000000..b39440d85
--- /dev/null
+++ b/content/waf/policies/parameter-reference.md
@@ -0,0 +1,15 @@
+---
+title: Policy parameter reference
+toc: true
+weight: 200
+---
+
+{{< call-out "warning" "Information architecture note" >}}
+
+The design intention for this page is to act as a single reference point for what has previously existed in documentation as [Declarative Policy]({{< ref "/nap-waf/v4/declarative-policy/policy.md" >}}).
+
+Like many other pages, a lot of the information was duplicated - this provides a single source of truth, and supports the Policy section by having all of the context for policies close together.
+
+{{</ call-out>}}
+
+{{< include "waf/policy.html" >}}
diff --git a/content/waf/signatures/_index.md b/content/waf/signatures/_index.md
new file mode 100644
index 000000000..de4a9406a
--- /dev/null
+++ b/content/waf/signatures/_index.md
@@ -0,0 +1,5 @@
+---
+title: "Signatures"
+url: /app-protect-waf/signatures/
+weight: 600
+---
diff --git a/content/waf/signatures/attacks.md b/content/waf/signatures/attacks.md
new file mode 100644
index 000000000..6ac432be7
--- /dev/null
+++ b/content/waf/signatures/attacks.md
@@ -0,0 +1,21 @@
+---
+# We use sentence case and present imperative tone
+title: "Update F5 WAF for NGINX attack signatures"
+# Weights are assigned in increments of 100: determines sorting order
+weight: 100
+# Creates a table of contents and sidebar, useful for large documents
+toc: false
+# Types have a 1:1 relationship with Hugo archetypes, so you shouldn't need to change this
+nd-content-type: how-to
+# Intended for internal catalogue and search, case sensitive:
+# Agent, N4Azure, NIC, NIM, NGF, NAP-DOS, NAP-WAF, NGINX One, NGINX+, Solutions, Unit
+nd-product: NAP-WAF
+---
+
+{{< call-out "warning" "Information architecture note" >}}
+
+The design intention for this page is to act as a replacement for the existing [Updating App Protect Attack Signatures]({{< ref "/nap-waf/v4/admin-guide/install.md#updating-app-protect-attack-signatures" >}}) section in the Administration/Install guides.
+
+Each document should fulfill one specific operation: people may not need information on how to update signatures immediately after installing NGINX App Protect WAF, so this decouples the information into somewhere easily findable.
+
+{{</ call-out >}}
\ No newline at end of file
diff --git a/content/waf/signatures/bots.md b/content/waf/signatures/bots.md
new file mode 100644
index 000000000..7feff04b4
--- /dev/null
+++ b/content/waf/signatures/bots.md
@@ -0,0 +1,21 @@
+---
+# We use sentence case and present imperative tone
+title: "Update F5 WAF for NGINX bot signatures"
+# Weights are assigned in increments of 100: determines sorting order
+weight: 300
+# Creates a table of contents and sidebar, useful for large documents
+toc: false
+# Types have a 1:1 relationship with Hugo archetypes, so you shouldn't need to change this
+nd-content-type: how-to
+# Intended for internal catalogue and search, case sensitive:
+# Agent, N4Azure, NIC, NIM, NGF, NAP-DOS, NAP-WAF, NGINX One, NGINX+, Solutions, Unit
+nd-product: NAP-WAF
+---
+
+{{< call-out "warning" "Information architecture note" >}}
+
+The design intention for this page is to act as a replacement for the existing [Updating App Protect Bot Signatures ]({{< ref "/nap-waf/v4/admin-guide/install.md#updating-app-protect-bot-signatures" >}}) section in the Administration/Install guides.
+
+Each document should fulfill one specific operation: people may not need information on how to update signatures immediately after installing NGINX App Protect WAF, so this decouples the information into somewhere easily findable.
+
+{{</ call-out >}}
\ No newline at end of file
diff --git a/content/waf/signatures/threat-campaigns.md b/content/waf/signatures/threat-campaigns.md
new file mode 100644
index 000000000..3572e6e2e
--- /dev/null
+++ b/content/waf/signatures/threat-campaigns.md
@@ -0,0 +1,21 @@
+---
+# We use sentence case and present imperative tone
+title: "Update F5 WAF for NGINX threat campaign signatures"
+# Weights are assigned in increments of 100: determines sorting order
+weight: 200
+# Creates a table of contents and sidebar, useful for large documents
+toc: false
+# Types have a 1:1 relationship with Hugo archetypes, so you shouldn't need to change this
+nd-content-type: how-to
+# Intended for internal catalogue and search, case sensitive:
+# Agent, N4Azure, NIC, NIM, NGF, NAP-DOS, NAP-WAF, NGINX One, NGINX+, Solutions, Unit
+nd-product: NAP-WAF
+---
+
+{{< call-out "warning" "Information architecture note" >}}
+
+The design intention for this page is to act as a replacement for the existing [Updating App Protect Threat Campaigns ]({{< ref "/nap-waf/v4/admin-guide/install.md#updating-app-protect-threat-campaigns" >}}) section in the Administration/Install guides.
+
+Each document should fulfill one specific operation: people may not need information on how to update signatures immediately after installing NGINX App Protect WAF, so this decouples the information into somewhere easily findable.
+
+{{</ call-out >}}
\ No newline at end of file
diff --git a/content/waf/support.md b/content/waf/support.md
new file mode 100644
index 000000000..ee002b359
--- /dev/null
+++ b/content/waf/support.md
@@ -0,0 +1,140 @@
+---
+# We use sentence case and present imperative tone
+title: "Support"
+# Weights are assigned in increments of 100: determines sorting order
+weight: 900
+# Creates a table of contents and sidebar, useful for large documents
+toc: false
+# Types have a 1:1 relationship with Hugo archetypes, so you shouldn't need to change this
+nd-content-type: how-to
+# Intended for internal catalogue and search, case sensitive:
+# Agent, N4Azure, NIC, NIM, NGF, NAP-DOS, NAP-WAF, NGINX One, NGINX+, Solutions, Unit
+nd-product: NAP-WAF
+---
+
+## Support policy
+
+F5 WAF for NGINX adheres to the support policy detailed in the following knowledge base article: [K000140156](https://my.f5.com/manage/s/article/K000140156).
+
+## Contact F5 Support
+
+For questions or assistance with installing, troubleshooting, or using F5 WAF for NGINX, contact support through the [MyF5 Customer Portal](https://account.f5.com/myf5).
+
+### Collecting log information
+
+As part of opening a support ticket, you will be asked to collect troubleshooting information for a customer support engineer.
+
+The steps involved depend on your deployment type.
+
+{{< tabs name="log-options" >}}
+
+{{% tab name="Virtual environment" %}}
+
+Get the operating system information:
+
+```shell
+cat /etc/os-release > system_version.txt && uname -r >> system_version.txt && cat /proc/version >> system_version.txt
+```
+
+Collect the package versions:
+
+```shell
+cat /opt/app_protect/VERSION /opt/app_protect/RELEASE > package_versions.txt
+```
+
+You may need a different command depending on the operating system.
+
+```shell
+# Alpine Linux
+apk info -vv | grep -E 'nginx|app-protect' > package_versions.txt
+# Debian / Ubuntu
+apt list --installed | grep -E 'nginx|app-protect' > package_versions.txt
+# RHEL / Amazon Linux / Oracle Linux
+rpm -qa nginx* app-protect* > package_versions.txt
+```
+
+Create a list of files called _tarball-targets.txt_:
+
+```text
+system_version.txt
+package_versions.txt
+/var/log/app_protect/*
+/var/log/nginx/*
+/etc/nginx.conf
+# Add any additional policy or log configuration files
+```
+
+Create a tarball using the list of files:
+
+```shell
+tar cvfz logs.tgz `cat tarball-targets.txt`
+```
+
+{{% /tab %}}
+
+{{% tab name="Docker" %}}
+
+Use _docker compose_ to create log files:
+
+```shell
+sudo docker compose logs > docker_compose_logs.txt
+```
+
+If a centralized logging system such as the ELK stack is used, you should retrieve them in CSV format instead:
+
+```shell
+sudo docker compose logs > docker_compose_logs.csv
+```
+
+Add the log files to a tarball:
+
+```shell
+tar cvfz logs.tgz docker_compose_logs.txt
+```
+
+{{% /tab %}}
+
+{{% tab name="Kubernetes" %}}
+
+In the following steps, replace `<example-ns>` with the namespace you used to deploy F5 WAF for NGINX.
+
+Verify the pods in your deployment:
+
+```shell
+kubectl get pods -n <example-ns>
+```
+
+Use the following script to collect logs from every pod, which will create a timestamped directory with files after each pod and container:
+
+```shell
+#!/bin/bash
+
+set -x
+
+# Define the namespace variable
+NAMESPACE="<example-ns>"
+
+# Define a directory to store log files
+log_dir="k8s_logs_$(date +%Y%m%d_%H%M%S)"
+mkdir -p "$log_dir"
+
+# Loop through all pods and containers, saving logs to timestamped directories
+for pod in $(kubectl get pods -n $NAMESPACE -o=name | sed 's|pod/||g'); do
+    for container in $(kubectl get pod/$pod -n $NAMESPACE -o=jsonpath='{.spec.containers[*].name}'); do
+        kubectl logs $pod -c $container -n $NAMESPACE > "${log_dir}/${pod}_${container}_logs.txt"
+    done
+done
+```
+
+Once the log files have been saved, run the following command to create a tarball:
+
+```shell
+tar cvfz logs.tgz .
+```
+
+
+{{% /tab %}}
+
+{{< /tabs >}}
+
+Attach the tarball named _logs.tgz_ to your support ticket.
\ No newline at end of file
diff --git a/content/waf/tools/_index.md b/content/waf/tools/_index.md
new file mode 100644
index 000000000..949394753
--- /dev/null
+++ b/content/waf/tools/_index.md
@@ -0,0 +1,5 @@
+---
+title: "Tools"
+url: /app-protect-waf/tools/
+weight: 400
+---
diff --git a/content/waf/tools/apreload.md b/content/waf/tools/apreload.md
new file mode 100644
index 000000000..ef9ac8e95
--- /dev/null
+++ b/content/waf/tools/apreload.md
@@ -0,0 +1,77 @@
+---
+# We use sentence case and present imperative tone
+title: "Use apreload to configure F5 WAF for NGINX"
+# Weights are assigned in increments of 100: determines sorting order
+weight: 100
+# Creates a table of contents and sidebar, useful for large documents
+toc: true
+# Types have a 1:1 relationship with Hugo archetypes, so you shouldn't need to change this
+nd-content-type: how-to
+# Intended for internal catalogue and search, case sensitive:
+# Agent, N4Azure, NIC, NIM, NGF, NAP-DOS, NAP-WAF, NGINX One, NGINX+, Solutions, Unit
+nd-product: NAP-WAF
+---
+
+{{< call-out "warning" "Information architecture note" >}}
+
+This page is for the apreload detail included on the following two pages:
+
+- [V4]({{< ref "/nap-waf/v4/configuration-guide/configuration.md#apreload" >}})
+- [V5]({{< ref "/nap-waf/v5/configuration-guide/configuration.md#apreload" >}})
+
+{{</ call-out >}}
+
+This document describes how to use `apreload`, a tool for updating F5 WAF for NGINX configuration without reloading NGINX.
+
+It interacts independently to NGINX, and can be used when any F5 WAF for NGINX files are modified, such as policies, logging profiles or global settings.
+
+_apreload_ can handle changes in policy content, with the exception of a policy name.
+
+While _apreload_ can update F5 WAF for NGINX configuration alone, an NGINX reload will update both NGINX and F5 WAF for NGINX configuration.
+
+`apreload` should be ran as the same user as NGINX to avoid file access errors.
+
+```text
+USAGE:
+    /opt/app_protect/bin/apreload:
+
+Optional arguments with default values:
+  -apply
+        Apply new configuration in enforcer (default true)
+  -i string
+        Path to the config set. Ex. /opt/app_protect/config/config_set.json (default "/opt/app_protect/config/config_set.json")
+  -policy-map-location string
+        Path to policy map location (default "/opt/app_protect/bd_config/policy_path.map")
+  -t    Test and prepare configuration without updating enforcement
+  -wait-for-enforcer
+        Wait until updated config is loaded (default true)
+
+Optionally, using --help will issue this help message.
+```
+
+## Concurrent apreload executions
+
+Concurrent NGINX reloads are enqueued and so are the entailed invocations to apreload by the NGINX App Protect WAF module.
+
+However, when invoking apreload directly, it is possible to invoke it while the previous invocation is still in progress. In this case, apreload will wait until the current invocation completes. The new invocation will bring a new configuration and the most recent configuration will only happen when the previous one is loaded.
+
+In a special scenario, when the first invocation comes from the NGINX reload followed immediately by a direct call to apreload. The NGINX workers with the new nginx.conf will be launched as soon as the Enforcer finishes the first configuration. Later, the most recent NGINX App Protect WAF configuration will be loaded (using with the same NGINX worker instances).
+
+## Limitations with HTTP Header and XFF Modification
+
+_apreload_ will not apply these two policy modifications:
+
+- New user defined HTTP headers, refer to User-defined HTTP Headers section. Note that modifications to existing user-defined headers will take effect in apreload.
+- XFF trust modifications, refer to XFF Headers and Trust section for more details.
+
+If you want to apply either of the above modifications, reload NGINX instead of using apreload.
+
+## apreload events
+
+_apreload_ events use the same format as operation log events written in the NGINX error log, reporting `configuration_load_success` or `configuration_load_failure` with JSON formatted details. 
+
+If any of the configuration files are invalid, _apreload_ will discover that and return the proper error message in the `configuration_load_failure event`. 
+
+The enforcer continues to run with the previous working configuration. 
+
+For more information, see the [Operation logs]() topic.
\ No newline at end of file
diff --git a/content/waf/tools/compiler.md b/content/waf/tools/compiler.md
new file mode 100644
index 000000000..6e6baeaaf
--- /dev/null
+++ b/content/waf/tools/compiler.md
@@ -0,0 +1,275 @@
+---
+# We use sentence case and present imperative tone
+title: "Build and use the compiler tool"
+# Weights are assigned in increments of 100: determines sorting order
+weight: 200
+# Creates a table of contents and sidebar, useful for large documents
+toc: true
+# Types have a 1:1 relationship with Hugo archetypes, so you shouldn't need to change this
+nd-content-type: how-to
+# Intended for internal catalogue and search, case sensitive:
+# Agent, N4Azure, NIC, NIM, NGF, NAP-DOS, NAP-WAF, NGINX One, NGINX+, Solutions, Unit
+nd-product: NAP-WAF
+---
+
+{{< call-out "warning" "Information architecture note" >}}
+
+This page replaces [V5 NGINX App Protect WAF Compiler]({{< ref "/nap-waf/v5/admin-guide/compiler.md">}}) page.
+
+Does this exclusively work with V5+ versions?
+
+{{</ call-out>}}
+
+This document describes how to use the F5 WAF for NGINX compiler, a tool for converting security policies and logging profiles from JSON to a bundle file that F5 WAF can process and apply.
+
+You can use it to get the latest security updates for Attack Signatures, Threat Campaigns and Bot Signatures. The compiler is packaged as a Docker image and can executed using the Docker CLI or as part of a continuous integration/ continuous delivery (CI/CD) pipeline.
+
+One or more bundle files can be referenced in the NGINX configuration file, and you can configure global settings such as the cookie seed and user-defined signatures.
+
+## Before you begin
+
+To complete this guide, you will need the following prerequisites:
+
+- An active F5 WAF for NGINX subscription (Purchased or trial)
+- Credentials to the [MyF5 Customer Portal](https://account.f5.com/myf5), provided by email from F5, Inc.
+- [Docker](https://docs.docker.com/get-started/get-docker/)
+
+## Download your subscription credentials 
+
+{{< include "licensing-and-reporting/download-certificates-from-myf5.md" >}}
+
+## Configure Docker for the F5 Container Registry 
+
+Create a directory and copy your certificate and key to this directory:
+
+```shell
+mkdir -p /etc/docker/certs.d/private-registry.nginx.com
+cp <path-to-your-nginx-repo.crt> /etc/docker/certs.d/private-registry.nginx.com/client.cert
+cp <path-to-your-nginx-repo.key> /etc/docker/certs.d/private-registry.nginx.com/client.key
+```
+
+Log in to the Docker registry:
+
+```shell
+docker login private-registry.nginx.com
+```
+
+## Create the Dockerfile
+
+This example Dockerfile is based on a Debian image.
+
+```dockerfile
+# syntax=docker/dockerfile:1
+ARG BASE_IMAGE=private-registry.nginx.com/nap/waf-compiler:<version-tag>
+FROM ${BASE_IMAGE}
+
+# Installing packages as root
+USER root
+
+ENV DEBIAN_FRONTEND="noninteractive"
+
+RUN --mount=type=secret,id=nginx-crt,dst=/etc/ssl/nginx/nginx-repo.crt,mode=0644 \
+    --mount=type=secret,id=nginx-key,dst=/etc/ssl/nginx/nginx-repo.key,mode=0644 \
+    apt-get update \
+    && apt-get install -y \
+        apt-transport-https \
+        lsb-release \
+        ca-certificates \
+        wget \
+        gnupg2 \
+        ubuntu-keyring \
+    && wget -qO - https://cs.nginx.com/static/keys/app-protect-security-updates.key | gpg --dearmor | \
+    tee /usr/share/keyrings/app-protect-security-updates.gpg >/dev/null \
+    && printf "deb [signed-by=/usr/share/keyrings/app-protect-security-updates.gpg] \
+    https://pkgs.nginx.com/app-protect-security-updates/ubuntu `lsb_release -cs` nginx-plus\n" | \
+    tee /etc/apt/sources.list.d/nginx-app-protect.list \
+    && wget -P /etc/apt/apt.conf.d https://cs.nginx.com/static/files/90pkgs-nginx \
+    && apt-get update \
+    && apt-get install -y \
+        app-protect-attack-signatures \
+        app-protect-bot-signatures \
+        app-protect-threat-campaigns \
+    && apt-get clean \
+    && rm -rf /var/lib/apt/lists/*
+
+# non-root default user (UID 101)
+USER nginx
+```
+
+{{< call-out "note" >}}
+
+You can can upgrade or downgrade one of the Signatures by specifying a specific version, such as _app-protect-attack-signatures-2020.04.30_.
+
+{{< /call-out >}}
+
+You can use the Docker registry API to list the available image tags.
+
+Replace `<path-to-your-nginx-repo.key>` with the location of your client key and `<path-to-your-nginx-repo.crt>` with the location of your client certificate. 
+
+```shell
+curl -s https://private-registry.nginx.com/v2/nap/waf-compiler/tags/list --key <path-to-your-nginx-repo.key> --cert <path-to-your-nginx-repo.crt>
+```
+```json
+{
+  "name": "nap/waf-compiler",
+  "tags": [
+    "1.0.0",
+    "5.1.0",
+    "5.2.0"
+  ]
+}
+```
+
+{{< call-out "note" >}}
+
+The [jq](https://jqlang.github.io/jq/) command was used to format the example output.
+
+{{< /call-out >}}
+
+## Build the container image
+
+Run the following command to build your image, where `waf-compiler-<version-tag>:custom` is an example of the image tag:
+
+```shell
+sudo docker build --no-cache --platform linux/amd64 \
+--secret id=nginx-crt,src=nginx-repo.crt \
+--secret id=nginx-key,src=nginx-repo.key \
+-t waf-compiler-<version-tag>:custom .
+```
+
+{{< call-out "warning" >}}
+
+Never upload your F5 WAF for NGINX images to a public container registry such as Docker Hub. Doing so violates your license agreement.
+
+{{< /call-out >}}
+
+## Using the compiler
+
+This section uses `version-tag` as a placeholder in its examples, following the previous section. Ensure that all input files are accessible to UID 101.
+
+### Compile a security policy
+
+To compile a security policy from a JSON file and create a policy bundle, run the following command:
+
+```shell
+docker run --rm \
+ -v $(pwd):$(pwd) \
+ waf-compiler-<version-tag>:custom \
+ -p $(pwd)/policy.json -o $(pwd)/compiled_policy.tgz
+```
+
+{{< call-out "warning" >}}
+
+Ensure that the output directory is writable, otherwise you may encounter a permission denied error.
+
+{{< /call-out >}}
+
+To use multiple policy bundles within a single NGINX configuration, you must supply a [global settings](#global-settings) JSON file. 
+
+This ensures that all bundles have a common foundation such as cookie seed and user-defined signatures.
+
+An example `global_settings.json` might look as follows:
+
+```json
+{
+    "waf-settings": {
+        "cookie-protection": {
+            "seed": "<seed value>"
+        }
+    }
+}
+```
+
+To compile a policy with global settings, add the `-g` parameter:
+
+```shell
+docker run --rm \
+ -v $(pwd):$(pwd) \
+ waf-compiler-1.0.0:custom \
+ -g $(pwd)/global_settings.json -p $(pwd)/policy.json -o $(pwd)/compiled_policy.tgz
+```
+
+You can incorporate the source of the policy (as `policy.json`) or logging profile (as `logging_profile.json`) into the final bundle using the `-include-source` parameter.
+
+```shell
+docker run --rm \
+ -v $(pwd):$(pwd) \
+ waf-compiler-1.0.0:custom \
+ -include-source -full-export -g $(pwd)/global_settings.json -p $(pwd)/policy.json -o $(pwd)/compiled_policy.tgz
+```
+
+This will transform any configuration that relies on external references into an inline configuration within the bundled source. 
+
+Additionally, when `-include-source` is combined with `-full-export`, the policy.json within the bundle will contain the entire source policy, including any default settings from the base template.
+
+### Compile a logging profile
+
+To compile a logging profile, execute the command below:
+
+```shell
+docker run \
+ -v $(pwd):$(pwd) \
+ waf-compiler-<version-tag>:custom \
+ -l $(pwd)/log_01.json -o $(pwd)/log01.tgz
+```
+
+### View bundle information
+
+To view information about a bundle file, such as attack signatures versions, use the following command:
+
+```shell
+docker run \
+ -v $(pwd):$(pwd) \
+ waf-compiler-<version-tag>:custom \
+ -dump -bundle $(pwd)/compiled_policy.tgz
+```
+
+## Global settings
+
+The global settings allows configuration of the following items:
+
+### cookie-protection
+
+| Field Name | Reference | Type | Description |
+| ---------- | --------- | ---- | ----------- |
+| seed | string | The seed value is used by F5 NGINX App Protect WAF to generate the encryption key for the cookies it creates. These cookies are used for various purposes such as validating the integrity of the cookies generated by the application. Use a random alphanumeric string of at least 20 characters length (but not more than 1000 characters). |
+
+### user-defined-signatures
+
+| Field Name | Reference | Type | Description |
+| ---------- | --------- | ---- | ----------- |
+| $ref | Yes | string | Path to the file that contains the user defined signatures. |
+
+#### Example
+
+```json
+{
+    "waf-settings": {
+        "cookie-protection": {
+            "seed": "80miIOiSeXfvNBiDJV4t"
+        },
+        "user-defined-signatures": [
+            {
+                "$ref": "file:///policies/uds.json"
+            }
+        ]
+    }
+}
+```
+
+{{< call-out "warning" >}}
+
+When deploying multiple scalability instances (Such as Kubernetes deployment replicas), ensure that all policy bundles are compiled with the same global settings and security updates.
+
+{{< /call-out >}}
+
+
+## Using the compiler in a CI/CD process
+
+When executing commands inside the compiler container, ensure that you use `/opt/app_protect/bin/apcompile` as the compiler binary.
+
+This is particularly important if you're overriding the default entry point as part of a CI/CD process.
+
+```shell
+/opt/app_protect/bin/apcompile -g /path/to/global_settings.json -p /path/to/policy.json -o /path/to/compiled_policy.tgz
+```
\ No newline at end of file
diff --git a/content/waf/tools/converters.md b/content/waf/tools/converters.md
new file mode 100644
index 000000000..24fe67cc9
--- /dev/null
+++ b/content/waf/tools/converters.md
@@ -0,0 +1,468 @@
+---
+# We use sentence case and present imperative tone
+title: "Build and use the converter tools"
+# Weights are assigned in increments of 100: determines sorting order
+weight: 300
+# Creates a table of contents and sidebar, useful for large documents
+toc: true
+# Types have a 1:1 relationship with Hugo archetypes, so you shouldn't need to change this
+nd-content-type: how-to
+# Intended for internal catalogue and search, case sensitive:
+# Agent, N4Azure, NIC, NIM, NGF, NAP-DOS, NAP-WAF, NGINX One, NGINX+, Solutions, Unit
+nd-product: NAP-WAF
+---
+
+{{< call-out "warning" "Information architecture note" >}}
+
+This page replaces/combined information from the following two pages:
+
+- [v4 Converter tools]({{< ref "/nap-waf/v4/configuration-guide/configuration.md#converter-tools" >}})
+- [v5 Converter tools]({{< ref "/nap-waf/v5/configuration-guide/configuration.md#converter-tools" >}})
+
+It presumes contextual information from [Build and use the compiler tool]({{< ref "/waf/tools/compiler.md" >}}), trusting that the user has set-up a standalone compiler image for the sake of the examples.
+
+{{</ call-out>}}
+
+F5 WAF for NGINX has multiple tools for converting existing resources or configuration files for use from a BIG-IP for use from a BIG-IP environment. 
+
+{{< call-out "important" >}}
+
+These tools are available in the [compiler image]({{< ref "/waf/tools/compiler.md" >}}), and do not require a full deployment of F5 WAF for NGINX.
+
+{{< /call-out >}}
+
+## Policy converter
+
+The F5 WAF for NGINX policy converter tool is used to convert policies from XML to JSON format. 
+
+It is a script located on on the path `/opt/app_protect/bin/convert-policy`.
+
+The converted policy is based on the F5 WAF for NGINX [base template]({{< ref "/waf/policies/configuration.md#base-template" >}}) and contains the minimal differences required for the JSON policy format.
+
+You can obtain the XML policy file by exporting it from the BIG-IP system on which the policy is currently deployed.
+
+| Option   | Description |
+| ---------| ----------- |
+| _-i_ | Filename of input WAF or ASM binary policy |
+| _-o_ | Filename of output declarative policy |
+| _--bot-profile_  | Filename of JSON Bot Profile (pre-converted to JSON from tmsh syntax) |
+| _--logging-profile_ | Filename of JSON Logging Profile (pre-converted to JSON from tmsh syntax) |
+| _--dos-profile_ | Filename of JSON DoS Profile (pre-converted to JSON from tmsh syntax) |
+| _--full-export_ | If specified, the full policy with all entities will be exported. Otherwise, only entities that differ from the template will be included.<br> Default for the CLI is not specific (only differing entities). <br> Default for the REST endpoint above is "--full-export" (you can not override this).|
+
+To convert a policy, first create a temporary folder and copy your XML file to it:
+
+```shell
+mkdir tmp/convert
+cp <path-to-your-xml-policy-file> tmp/convert/
+```
+
+Run the compiler Docker image with the temporary folder as a mounted volume, and execute the policy converter script:
+
+{{< call-out "note" >}}
+
+Replace `waf-compiler-\<version-tag\>:custom` with your compiler image.
+
+{{< /call-out >}}
+
+```docker
+docker run -it --rm \
+  -v $(pwd):/tmp/convert \
+  --entrypoint="/opt/app_protect/bin/convert-policy" \
+  waf-compiler-<version-tag>:custom -i test.json -o test.xml
+  -i /tmp/convert/policy.xml \
+  -o /tmp/convert/policy.json \
+  --full-export
+```
+```json
+{
+"completed_successfully": true,
+"file_size": 20604,
+"warnings": [
+    "Default header '*-bin' cannot be deleted.",
+    "Traffic Learning, Policy Building, and staging are unsupported",
+    "/general/enableEventCorrelation must be '0' (was '1').",
+    "Element '/websocket-urls' is unsupported.",
+    "/signature-sets/learn value 1 is unsupported",
+    "Element '/redirection-protection' is unsupported.",
+    "/protocolIndependent must be '1' (was '0').",
+    "Element '/gwt-profiles' is unsupported.",
+    "/blocking-settings/violations/name value 'VIOL_ASM_COOKIE_HIJACKING' is unsupported.",
+    "/blocking-settings/violations/name value 'VIOL_BLOCKING_CONDITION' is unsupported.",
+    "/blocking-settings/violations/name value 'VIOL_BRUTE_FORCE' is unsupported.",
+    "/blocking-settings/violations/name value 'VIOL_CONVICTION' is unsupported.",
+    "/blocking-settings/violations/name value 'VIOL_CROSS_ORIGIN_REQUEST' is unsupported.",
+    "/blocking-settings/violations/name value 'VIOL_CSRF' is unsupported.",
+    "/blocking-settings/violations/name value 'VIOL_CSRF_EXPIRED' is unsupported.",
+    "/blocking-settings/violations/name value 'VIOL_DYNAMIC_SESSION' is unsupported.",
+    "/blocking-settings/violations/name value 'VIOL_FLOW' is unsupported.",
+    "/blocking-settings/violations/name value 'VIOL_FLOW_DISALLOWED_INPUT' is unsupported.",
+    "/blocking-settings/violations/name value 'VIOL_FLOW_ENTRY_POINT' is unsupported.",
+    "/blocking-settings/violations/name value 'VIOL_FLOW_MANDATORY_PARAMS' is unsupported.",
+    "/blocking-settings/violations/name value 'VIOL_GEOLOCATION' is unsupported.",
+    "/blocking-settings/violations/name value 'VIOL_GWT_FORMAT' is unsupported.",
+    "/blocking-settings/violations/name value 'VIOL_GWT_MALFORMED' is unsupported.",
+    "/blocking-settings/violations/name value 'VIOL_HOSTNAME_MISMATCH' is unsupported.",
+    "/blocking-settings/violations/name value 'VIOL_LOGIN_URL_BYPASSED' is unsupported.",
+    "/blocking-settings/violations/name value 'VIOL_LOGIN_URL_EXPIRED' is unsupported.",
+    "/blocking-settings/violations/name value 'VIOL_MALICIOUS_DEVICE' is unsupported.",
+    "/blocking-settings/violations/name value 'VIOL_MALICIOUS_IP' is unsupported.",
+    "/blocking-settings/violations/name value 'VIOL_PARAMETER_DYNAMIC_VALUE' is unsupported.",
+    "/blocking-settings/violations/name value 'VIOL_PLAINTEXT_FORMAT' is unsupported.",
+    "/blocking-settings/violations/name value 'VIOL_REDIRECT' is unsupported.",
+    "/blocking-settings/violations/name value 'VIOL_SESSION_AWARENESS' is unsupported.",
+    "/blocking-settings/violations/name value 'VIOL_VIRUS' is unsupported.",
+    "/blocking-settings/violations/name value 'VIOL_WEBSOCKET_BAD_REQUEST' is unsupported.",
+    "/blocking-settings/violations/name value 'VIOL_WEBSOCKET_BINARY_MESSAGE_LENGTH' is unsupported.",
+    "/blocking-settings/violations/name value 'VIOL_WEBSOCKET_BINARY_MESSAGE_NOT_ALLOWED' is unsupported.",
+    "/blocking-settings/violations/name value 'VIOL_WEBSOCKET_EXTENSION' is unsupported.",
+    "/blocking-settings/violations/name value 'VIOL_WEBSOCKET_FRAMES_PER_MESSAGE_COUNT' is unsupported.",
+    "/blocking-settings/violations/name value 'VIOL_WEBSOCKET_FRAME_LENGTH' is unsupported.",
+    "/blocking-settings/violations/name value 'VIOL_WEBSOCKET_FRAME_MASKING' is unsupported.",
+    "/blocking-settings/violations/name value 'VIOL_WEBSOCKET_FRAMING_PROTOCOL' is unsupported.",
+    "/blocking-settings/violations/name value 'VIOL_WEBSOCKET_TEXT_MESSAGE_NOT_ALLOWED' is unsupported.",
+    "/blocking-settings/violations/name value 'VIOL_WEBSOCKET_TEXT_NULL_VALUE' is unsupported.",
+    "/blocking-settings/violations/name value 'VIOL_XML_SCHEMA' is unsupported.",
+    "/blocking-settings/violations/name value 'VIOL_XML_SOAP_ATTACHMENT' is unsupported.",
+    "/blocking-settings/violations/name value 'VIOL_XML_SOAP_METHOD' is unsupported.",
+    "/blocking-settings/violations/name value 'VIOL_XML_WEB_SERVICES_SECURITY' is unsupported.",
+    "/blocking-settings/http-protocols/description value 'Unparsable request content' is unsupported.",
+    "Element '/plain-text-profiles' is unsupported."
+],
+"filename": "/tmp/convert/policy-ubuntu.json"
+}
+```
+
+{{< call-out "note" >}}
+
+The [jq](https://jqlang.github.io/jq/) command was used to format the example output.
+
+{{< /call-out >}}
+
+Once complete, the newly converted JSON policy file will reside in the same folder as the source XML policy file:
+
+```shell
+ls -l tmp/convert/
+total 848
+-rw-r--r-- 1 root root  20604 Dec 20 12:33 policy.json  # Exported JSON policy file
+-rw-r--r-- 1 root root 841818 Dec 20 11:10 policy.xml   # Original XML policy file
+```
+
+## User Defined Signatures converter
+
+The User Defined Signatures converter tool is used to a User Defined Signatures file from XML to JSON format.
+
+It is a script located on on the path `/opt/app_protect/bin/convert-signatures`.
+
+The tool accepts an optional tag argument: otherwise, the default tag value _user-defined-signatures_ is assigned with the exported JSON file.
+
+You can obtain the User Defined Signatures XML file by exporting it from the BIG-IP system on which the policy is currently deployed.
+
+These are the command line options available: if the script is run without the required switches and their corresponding arguments, it will display this help message.
+
+```shell
+USAGE:
+    /opt/app_protect/bin/convert-signatures
+
+Required arguments:
+    --outfile|o='/path/to/signatures.json'
+        File name to write JSON format export
+        Can also be set via an environment variable: EXPORT_FILE
+    --infile|i='/path/to/signatures.xml'
+        Advanced WAF/ASM User Defined Signatures file to Convert
+        Can also be set via an environment variable: IMPORT_FILE
+
+Optional arguments:
+    --tag|t='mytag'
+        Signature Tag to associate with User Defined Signatures.
+        If no tag is specified in the XML file, a default tag of 'user-defined-signatures' will be assigned.
+        Can also be set via an environment variable: TAG
+    --format|f='json'
+        Desired output format for signature file. Default 'json'
+        Supported formats: 'json'
+
+Optionally, using --help will issue this help message.
+```
+
+This is an example of how to convert a single XML file (With the default tag):
+
+{{< call-out "note" >}}
+
+Replace `waf-compiler-\<version-tag\>:custom` with your compiler image.
+
+{{< /call-out >}}
+
+```shell
+docker run -v `pwd`:`pwd` -w `pwd` --entrypoint /opt/app_protect/bin/convert-signatures waf-compiler-<version-tag>:custom -i /path/to/signatures.xml -o /path/to/signatures.json | jq
+```
+```json
+{
+    "filename": "/path/to/signatures.json",
+    "file_size": 1602,
+    "completed_successfully": true
+}
+```
+
+**signatures.json**
+```json
+{
+    "tag": "user-defined-signatures",
+    "signatures": [
+        {
+            "accuracy": "high",
+            "risk": "high",
+            "systems": [],
+            "rule": "content:\"header1\"; nocase;",
+            "description": "",
+            "signatureType": "request",
+            "signatureId": "300000000",
+            "revision": "1",
+            "lastUpdateMicros": 1731425468000000,
+            "name": "sig_1_header",
+            "attackType": {
+                "name": "Abuse of Functionality"
+            }
+        },
+        {
+            "signatureId": "300000002",
+            "signatureType": "request",
+            "attackType": {
+                "name": "Cross Site Scripting (XSS)"
+            },
+            "name": "sig_3_uri",
+            "lastUpdateMicros": 1731425631000000,
+            "revision": "1",
+            "risk": "high",
+            "accuracy": "high",
+            "description": "",
+            "rule": "uricontent:\"<script>\"; nocase;",
+            "systems": [
+                {
+                    "name": "Nginx"
+                }
+            ]
+        },
+        {
+            "name": "sig_2_param",
+            "attackType": {
+                "name": "Abuse of Functionality"
+            },
+            "lastUpdateMicros": 1731425549000000,
+            "revision": "1",
+            "signatureId": "300000001",
+            "signatureType": "request",
+            "description": "",
+            "rule": "valuecontent:!\"param\"; nocase; httponly; norm;",
+            "systems": [],
+            "accuracy": "high",
+            "risk": "high"
+        },
+        {
+            "systems": [
+                {
+                    "name": "Apache"
+                },
+                {
+                    "name": "Unix/Linux"
+                },
+                {
+                    "name": "Proxy Servers"
+                },
+                {
+                    "name": "Django"
+                }
+            ],
+            "description": "",
+            "rule": "valuecontent:\"json123\"; nocase; jsononly; norm;",
+            "risk": "high",
+            "accuracy": "high",
+            "lastUpdateMicros": 1731425782000000,
+            "revision": "1",
+            "attackType": {
+                "name": "Server-Side Request Forgery (SSRF)"
+            },
+            "name": "sig_5_",
+            "signatureType": "request",
+            "signatureId": "300000004"
+        },
+        {
+            "description": "",
+            "rule": "uricontent:\"etc\"; nocase;",
+            "systems": [
+                {
+                    "name": "Microsoft Windows"
+                },
+                {
+                    "name": "Unix/Linux"
+                }
+            ],
+            "accuracy": "high",
+            "risk": "high",
+            "name": "sig_4_",
+            "attackType": {
+                "name": "Path Traversal"
+            },
+            "lastUpdateMicros": 1731425708000000,
+            "revision": "1",
+            "signatureId": "300000003",
+            "signatureType": "request"
+        }
+    ]
+}
+```
+
+{{< call-out "note" >}}
+
+The [jq](https://jqlang.github.io/jq/) command was used to format the example output.
+
+{{< /call-out >}}
+
+This is an example of how to convert a single XML file (With a custom tag):
+
+```shell
+docker run -v `pwd`:`pwd` -w `pwd` --entrypoint /opt/app_protect/bin/convert-signatures waf-compiler-<version-tag>:custom -i /path/to/signatures.xml -o /path/to/signatures.json --tag "MyTag"
+```
+
+## Attack Signature Report tool
+
+The Attack Signature Report tool scans the system for attack signatures, then generates a JSON report file with information about these signatures.
+
+This tool can be deployed and used independently from a F5 WAF for NGINX deployment using the [compiler image]({{< ref "/waf/tools/compiler.md" >}}) to generate a report about the default signatures included with F5 WAF, or the signatures included in [an update package]({{< ref "/waf/signatures/">}}).
+
+The latter case is possible on a standalone compiler deployment by comparing a report from before a signature update and a report from after the signature update.
+
+This report can be used for reporting and troubleshooting purposes or for tracking changes to signature updates on an F5 WAF for NGINX deployment.
+
+These are the command line options available: if the script is run without the required switches and their corresponding arguments, it will display this help message.
+
+```shell
+USAGE:
+    /opt/app_protect/bin/get-signatures <arguments>
+
+  Required arguments:
+    --outfile|o='/path/to/report-file.json'
+      File name to write signature report.
+
+  Optional arguments:
+    --fields|f='list,of,fields'
+      Comma separated list of desired fields.
+      Available fields:
+      name,signatureId,signatureType,attackType,accuracy,tag,risk,systems,hasCve,references,isUserDefined,description,lastUpdateMicros
+
+Optionally, using --help will issue this help message.
+```
+
+This command example generates a signature report with all signature details:
+
+```shell
+/opt/app_protect/bin/get-signatures -o /path/to/signature-report.json
+```
+```json
+{
+    "file_size": 1868596,
+    "filename": "/path/to/signature-report.json",
+    "completed_successfully": true
+}
+```
+**signature-report.json**
+```json
+{
+    "signatures": [
+        {
+            "isUserDefined": false,
+            "attackType": {
+                "name": "Detection Evasion"
+            },
+            "name": "Unicode Fullwidth ASCII variant",
+            "hasCve": false,
+            "systems": [
+                {
+                    "name": "IIS"
+                }
+            ],
+            "references": [
+                {
+                    "value": "infosecauditor.wordpress.com/2013/05/27/bypassing-asp-net-validaterequest-for-script-injection-attacks/",
+                    "type": "url"
+                }
+            ],
+            "signatureId": 299999999,
+            "signatureType": "request",
+            "risk": "low",
+            "accuracy": "low"
+        },
+        {
+            "isUserDefined": false,
+            "attackType": {
+                "name": "Predictable Resource Location"
+            },
+            "name": "IIS Web Server log dir access (/W3SVC..)",
+            "hasCve": false,
+            "systems": [
+                {
+                    "name": "IIS"
+                }
+            ],
+            "references": [
+                {
+                    "value": "www.webappsec.org/projects/threat/classes/predictable_resource_location.shtml",
+                    "type": "url"
+                }
+            ],
+            "signatureId": 200000001,
+            "signatureType": "request",
+            "risk": "low",
+            "accuracy": "high"
+        },
+        {
+            "isUserDefined": false,
+            "name": "WEB-INF dir access (/WEB-INF/)",
+            "attackType": {
+                "name": "Predictable Resource Location"
+            },
+            "hasCve": true,
+            "systems": [
+                {
+                    "name": "Java Servlets/JSP"
+                },
+                {
+                    "name": "Macromedia JRun"
+                },
+                {
+                    "name": "Jetty"
+                }
+            ],
+            "references": [
+                {
+                    "value": "www.webappsec.org/projects/threat/classes/predictable_resource_location.shtml",
+                    "type": "url"
+                },
+                {
+                    "value": "CVE-2016-4800",
+                    "type": "cve"
+                },
+                {
+                    "value": "CVE-2007-6672",
+                    "type": "cve"
+                }
+            ],
+            "signatureType": "request",
+            "risk": "low",
+            "signatureId": 200000018
+        }
+    ],
+    "revisionDatetime": "2019-07-16T12:21:31Z"
+}
+```
+
+{{< call-out "note" >}}
+
+The [jq](https://jqlang.github.io/jq/) command was used to format the example output.
+
+{{< /call-out >}}
+
+This command example generates a signature report with two pre-defined fields:
+
+```shell
+/opt/app_protect/bin/get-signatures -o /path/to/signature-report.json --fields=name,signatureId
+```
\ No newline at end of file
diff --git a/layouts/index.html b/layouts/index.html
index 82f77f04d..082fb4a92 100644
--- a/layouts/index.html
+++ b/layouts/index.html
@@ -116,8 +116,8 @@ <h2 style="font-weight: 400; font-size: 1.5em; margin-top: 0px; margin-bottom: 0
             <div class="card-deck">
 
                 <div class="col-xs-12 col-sm-6 col-lg-4 card-holder">
-                    <a href="{{ .Site.BaseURL }}nginx-app-protect-waf" class="products-card" alt="NGINX App Protect WAF">
-                        <h3 class="card-title"><img class="card-img-top" src="{{ .Site.BaseURL }}/images/icons/NGINX-App-Protect-WAF-product-icon.svg"> NGINX App Protect WAF</h3>
+                    <a href="{{ .Site.BaseURL }}waf" class="products-card" alt="F5 WAF for NGINX">
+                        <h3 class="card-title"><img class="card-img-top" src="{{ .Site.BaseURL }}/images/icons/NGINX-App-Protect-WAF-product-icon.svg"> F5 WAF for NGINX</h3>
                         <div class="card-description">
                             <p>Lightweight, high-performance, advanced protection against Layer 7 attacks on your apps and APIs</p>
                         </div>
@@ -125,8 +125,8 @@ <h3 class="card-title"><img class="card-img-top" src="{{ .Site.BaseURL }}/images
                 </div>
 
                 <div class="col-xs-12 col-sm-6 col-lg-4 card-holder">
-                    <a href="{{ .Site.BaseURL }}nginx-app-protect-dos" class="products-card" alt="NGINX App Protect DoS">
-                        <h3 class="card-title"><img class="card-img-top" src="{{ .Site.BaseURL }}/images/icons/NGINX-App-Protect-DoS-product-icon.svg"> NGINX App Protect DoS</h3>
+                    <a href="{{ .Site.BaseURL }}nginx-app-protect-dos" class="products-card" alt="F5 DoS for NGINX">
+                        <h3 class="card-title"><img class="card-img-top" src="{{ .Site.BaseURL }}/images/icons/NGINX-App-Protect-DoS-product-icon.svg"> F5 DoS for NGINX</h3>
                         <div class="card-description">
                             <p>Defend, adapt, and mitigate against Layer 7 denial-of-service attacks on your apps and APIs</p>
                         </div>
@@ -336,14 +336,14 @@ <h1 class="homepage-item-text">
             NGINX App Protect
         </div>
 
-        <a href="{{ .Site.BaseURL }}nginx-app-protect-waf" class="products-card" alt="NGINX App Protect WAF">
+        <a href="{{ .Site.BaseURL }}waf" class="products-card" alt="F5 WAF for NGINX">
             <div class="homepage-item">
               <div class="homepage-item-heading">
                 <div class="homepage-item-logo">
                   <img src="{{ .Site.BaseURL }}/images/icons/NGINX-App-Protect-WAF-product-icon.svg">
                 </div>
                 <div class="homepage-item-text">
-                  NGINX App Protect WAF
+                  F5 WAF for NGINX
                 </div>
               </div>
               <div class="homepage-item-content">
@@ -352,14 +352,14 @@ <h1 class="homepage-item-text">
             </div>
           </a>
 
-          <a href="{{ .Site.BaseURL }}nginx-app-protect-dos" class="products-card" alt="NGINX App Protect DoS">
+          <a href="{{ .Site.BaseURL }}nginx-app-protect-dos" class="products-card" alt="F5 DoS for NGINX">
             <div class="homepage-item">
               <div class="homepage-item-heading">
                 <div class="homepage-item-logo">
                   <img src="{{ .Site.BaseURL }}/images/icons/NGINX-App-Protect-DoS-product-icon.svg">
                 </div>
                 <div class="homepage-item-text">
-                  NGINX App Protect DoS
+                  F5 DoS for NGINX
                 </div>
               </div>
               <div class="homepage-item-content">