Update NAP Doc - Configure App Protect WAF - Custom Policies (#1041)

kafeelhasan · mjang · web-flow · commit 41350a3e2475 · 2025-09-02T10:35:36.000-07:00
* Update NAP Docs This commit updates the NAP user facing documentation with the following change: Based on this issue : nginxinc/nalb-shared#1695, updated the Configure App Protect WAF with the following text - The File path is not optional and is automatically generated in the portal, defaulting to the path “/etc/app_protect/conf/” plus the policy Name with a “.json” extension * Removed Extra Space * Addressed PR comments --------- Co-authored-by: Mike Jang <3287976+mjang@users.noreply.github.com>
diff --git a/content/nginxaas-azure/app-protect/configure-waf.md b/content/nginxaas-azure/app-protect/configure-waf.md
@@ -114,7 +114,14 @@ To create a custom security policy in the Azure Portal:
 3. Select **Custom Policies**
 4. Select **Add Custom Security Policy** to open the policy editor
 
-In the policy editor, enter the **Name**, **File path**, your policy content, and then select **Save**. The **File path** is optional and will default to the path "/etc/app_protect/conf/" plus the policy **Name** with a ".json" extension. After your policy has been saved, you can then reference it in your NGINX configuration. For more information on policy configuration and syntax, refer to the NGINX App Protect [configuration guide](https://docs.nginx.com/nginx-app-protect-waf/v5/configuration-guide/configuration/).
+In the policy editor:
+
+- Enter the **Name** (as a filename), **File path**, your policy content, and then select **Save**. 
+
+    - Be sure to append the filename with ".json". 
+    - The **File path** is automatically generated with "/etc/app_protect/conf/" as the default policies folder.
+
+After your policy has been saved, you can then reference it in your NGINX configuration. For more information on policy configuration and syntax, refer to the NGINX App Protect [configuration guide](https://docs.nginx.com/nginx-app-protect-waf/v5/configuration-guide/configuration/).
 
 {{< call-out "note" >}}The **name** field within the security policy must be unique among the policies referenced in your NGINX configuration.{{< /call-out >}}
 
@@ -128,4 +135,4 @@ It is highly recommended to use logging to monitor the performance of NGINX App
 
 ## What's next
 
-[Enable App Protect WAF Logs]({{< ref "/nginxaas-azure/app-protect/enable-logging.md" >}})
+[Enable App Protect WAF Logs]({{< ref "/nginxaas-azure/app-protect/enable-logging.md" >}})
