diff --git a/content/nic/configuration/global-configuration/configmap-resource.md b/content/nic/configuration/global-configuration/configmap-resource.md
index 711ac7065..662c9a4a2 100644
--- a/content/nic/configuration/global-configuration/configmap-resource.md
+++ b/content/nic/configuration/global-configuration/configmap-resource.md
@@ -2,9 +2,9 @@
 title: ConfigMap resources
 weight: 300
 toc: true
-type: how-to
-product: NIC
-docs: DOCS-586
+nd-content-type: how-to
+nd-product: NIC
+nd-docs: DOCS-586
 ---
 
 When using F5 NGINX Ingress Controller, you can customize or fine tune NGINX behavior using ConfigMap resources. Examples include setting the number of worker processes or customizing the access log format.
@@ -171,7 +171,7 @@ For more information, view the [VirtualServer and VirtualServerRoute resources](
 {{<bootstrap-table "table table-striped table-bordered table-responsive">}}
 |ConfigMap Key | Description | Default | Example |
 | ---| ---| ---| --- |
-|*lb-method* | Sets the [load balancing method](https://docs.nginx.com/nginx/admin-guide/load-balancer/http-load-balancer/#choosing-a-load-balancing-method). To use the round-robin method, specify *"round_robin"*. | *"random two least_conn"* |  |
+|*lb-method* | Sets the [load balancing method]({{< ref "/nginx/admin-guide/load-balancer/http-load-balancer.md#choosing-a-load-balancing-method" >}}). To use the round-robin method, specify *"round_robin"*. | *"random two least_conn"* |  |
 |*max-fails* | Sets the value of the [max_fails](https://nginx.org/en/docs/http/ngx_http_upstream_module.html#max_fails) parameter of the *server* directive. | *1* |  |
 |*upstream-zone-size* | Sets the size of the shared memory [zone](https://nginx.org/en/docs/http/ngx_http_upstream_module.html#zone) for upstreams. For NGINX, the special value 0 disables the shared memory zones. For NGINX Plus, shared memory zones are required and cannot be disabled. The special value 0 will be ignored. | *256k* for NGINX, *512k* for NGINX Plus  |  |
 |*fail-timeout* | Sets the value of the [fail_timeout](https://nginx.org/en/docs/http/ngx_http_upstream_module.html#fail_timeout) parameter of the *server* directive. | *10s* |  |
@@ -182,7 +182,7 @@ For more information, view the [VirtualServer and VirtualServerRoute resources](
 
 ### Zone Sync
 
-Zone Sync enables the [ngx_stream_zone_sync_module](https://nginx.org/en/docs/stream/ngx_stream_zone_sync_module.html) in NGINX Ingress Controller when NGINX Plus is used.  Multiple replicas are required to effectively utililise this functionality. More information is available in the [How NGINX Plus Performs Zone Synchronization](https://docs.nginx.com/nginx/admin-guide/high-availability/zone_sync_details/) topic.
+Zone Sync enables the [ngx_stream_zone_sync_module](https://nginx.org/en/docs/stream/ngx_stream_zone_sync_module.html) in NGINX Ingress Controller when NGINX Plus is used.  Multiple replicas are required to effectively utililise this functionality. More information is available in the [How NGINX Plus Performs Zone Synchronization]({{< ref "/nginx/admin-guide/high-availability/zone_sync_details.md" >}}) topic.
 
 Zone synchronization with TLS for NGINX Ingress Controller is not yet available with ConfigMap. If you would like to enable Zone Sync with TLS, please remove `zone-sync` from ConfigMap and add Zone Sync parameters via [`stream-snippets`]({{< ref "/nic/configuration/ingress-resources/advanced-configuration-with-snippets.md" >}}) similar to [this example](https://github.com/nginx/kubernetes-ingress/blob/v4.0.1/examples/custom-resources/oidc/nginx-config.yaml) and adding the [zone_sync_ssl directive](https://nginx.org/en/docs/stream/ngx_stream_zone_sync_module.html#zone_sync_ssl) along with any other TLS parameters to the `stream-snippets`. 
 
@@ -217,10 +217,10 @@ If you encounter the error `error [emerg] 13#13: "zone_sync" directive is duplic
 |*location-snippets* | Sets a custom snippet in location context. | N/A |  |
 |*server-snippets* | Sets a custom snippet in server context. | N/A |  |
 |*stream-snippets* | Sets a custom snippet in stream context. | N/A | [Support for TCP/UDP Load Balancing](https://github.com/nginx/kubernetes-ingress/tree/v{{< nic-version >}}/examples/ingress-resources/tcp-udp). |
-|*main-template* | Sets the main NGINX configuration template. | By default the template is read from the file in the container. | [Custom Templates](/nginx-ingress-controller/configuration/global-configuration/custom-templates). |
-|*ingress-template* | Sets the NGINX configuration template for an Ingress resource. | By default the template is read from the file on the container. | [Custom Templates](/nginx-ingress-controller/configuration/global-configuration/custom-templates). |
-|*virtualserver-template* | Sets the NGINX configuration template for an VirtualServer resource. | By default the template is read from the file on the container. | [Custom Templates](/nginx-ingress-controller/configuration/global-configuration/custom-templates). |
-|*transportserver-template* | Sets the NGINX configuration template for a TransportServer resource. | By default the template is read from the file on the container. | [Custom Templates](/nginx-ingress-controller/configuration/global-configuration/custom-templates). |
+|*main-template* | Sets the main NGINX configuration template. | By default the template is read from the file in the container. | [Custom Templates]({{< ref "/nic/configuration/global-configuration/custom-templates.md" >}}). |
+|*ingress-template* | Sets the NGINX configuration template for an Ingress resource. | By default the template is read from the file on the container. | [Custom Templates]({{< ref "/nic/configuration/global-configuration/custom-templates.md" >}}). |
+|*virtualserver-template* | Sets the NGINX configuration template for an VirtualServer resource. | By default the template is read from the file on the container. | [Custom Templates]({{< ref "/nic/configuration/global-configuration/custom-templates.md" >}}). |
+|*transportserver-template* | Sets the NGINX configuration template for a TransportServer resource. | By default the template is read from the file on the container. | [Custom Templates]({{< ref "/nic/configuration/global-configuration/custom-templates.md" >}}) |
 {{</bootstrap-table>}}
 
 ---
diff --git a/content/nic/configuration/global-configuration/globalconfiguration-resource.md b/content/nic/configuration/global-configuration/globalconfiguration-resource.md
index 84b4e4002..80d05bd55 100644
--- a/content/nic/configuration/global-configuration/globalconfiguration-resource.md
+++ b/content/nic/configuration/global-configuration/globalconfiguration-resource.md
@@ -17,7 +17,7 @@ Listeners are required by [TransportServer resources]({{< ref "/nic/configuratio
 
 ## Prerequisites
 
-When [installing NGINX Ingress Controller using Manifests]({{< ref "/nic/installation/installing-nic/installation-with-manifests.md" >}}), you need to reference a GlobalConfiguration resource in the [`-global-configuration`](/nginx-ingress-controller/configuration/global-configuration/command-line-arguments#cmdoption-global-configuration) command-line argument. NGINX Ingress Controller only needs one GlobalConfiguration resource.
+When [installing NGINX Ingress Controller using Manifests]({{< ref "/nic/installation/installing-nic/installation-with-manifests.md" >}}), you need to reference a GlobalConfiguration resource in the [`-global-configuration`]({{< ref "/nic/configuration/global-configuration/command-line-arguments.md#cmdoption-global-configuration" >}}) command-line argument. NGINX Ingress Controller only needs one GlobalConfiguration resource.
 
 ---
 
@@ -71,7 +71,7 @@ The `listeners:` key defines a listener (a combination of a protocol and a port)
 |Field | Description | Type | Required |
 | ---| ---| ---| --- |
 | *name* | The name of the listener. Must be a valid DNS label as defined in RFC 1035. For example, ``hello`` and ``listener-123`` are valid. The name must be unique among all listeners. The name ``tls-passthrough`` is reserved for the built-in TLS Passthrough listener and cannot be used. | *string* | Yes |
-| *port* | The port of the listener. The port must fall into the range ``1..65535`` with the following exceptions: ``80``, ``443``, the [status port](/nginx-ingress-controller/logging-and-monitoring/status-page), the [Prometheus metrics port](/nginx-ingress-controller/logging-and-monitoring/prometheus). Among all listeners, only a single combination of a port-protocol is allowed. | *int* | Yes |
+| *port* | The port of the listener. The port must fall into the range ``1..65535`` with the following exceptions: ``80``, ``443``, the [status port]({{< ref "/nic/logging-and-monitoring/status-page.md" >}}), the [Prometheus metrics port]({{< ref "/nic/logging-and-monitoring/prometheus.md" >}}). Among all listeners, only a single combination of a port-protocol is allowed. | *int* | Yes |
 | *protocol* | The protocol of the listener. Supported values: ``TCP``, ``UDP`` and ``HTTP``. | *string* | Yes |
 | *ssl* | Configures the listener with SSL. This is currently only supported for ``HTTP`` listeners. Default value is ``false`` | *bool* | No |
 | *ipv4* | Specifies the IPv4 address to listen on. | *string* | No |
diff --git a/content/nic/configuration/global-configuration/reporting-resources-status.md b/content/nic/configuration/global-configuration/reporting-resources-status.md
index 8e36733eb..dc79ea3b2 100644
--- a/content/nic/configuration/global-configuration/reporting-resources-status.md
+++ b/content/nic/configuration/global-configuration/reporting-resources-status.md
@@ -1,10 +1,10 @@
 ---
-docs: DOCS-589
-doctypes:
-- ''
 title: Reporting resource status
 toc: true
 weight: 600
+nd-content-type: how-to
+nd-product: NIC
+nd-docs: DOCS-589
 ---
 
 This page describes how to view the status of resources managed by F5 NGINX Ingress Controller.
@@ -30,7 +30,7 @@ NGINX Ingress Controller must be configured to report an Ingress status:
     1. A user defined address, specified in the `external-status-address` ConfigMap key.
     1. A Service of the type LoadBalancer configured with an external IP or address and specified by the `-external-service` command-line flag.
 
-View the [ConfigMap keys](/nginx-ingress-controller/configuration/global-configuration/configmap-resource) and [Command-line arguments](/nginx-ingress-controller/configuration/global-configuration/command-line-arguments) topics for more information.
+View the [ConfigMap keys]({{< ref "/nic/configuration/global-configuration/configmap-resource.md" >}}) and [Command-line arguments]({{< ref "/nic/configuration/global-configuration/command-line-arguments.md" >}}) topics for more information.
 
 {{< note >}} NGINX Ingress Controller does not clear the status of Ingress resources when it is being shut down. {{< /note >}}
 
@@ -113,7 +113,7 @@ NGINX Ingress Controller must be configured to report a VirtualServer or Virtual
     1. A user defined address, specified in the `external-status-address` ConfigMap key.
     1. A Service of the type LoadBalancer configured with an external IP or address and specified by the `-external-service` command-line flag.
 
-View the [ConfigMap keys](/nginx-ingress-controller/configuration/global-configuration/configmap-resource) and [Command-line arguments](/nginx-ingress-controller/configuration/global-configuration/command-line-arguments) topics for more information.
+View the [ConfigMap keys]({{< ref "/nic/configuration/global-configuration/configmap-resource.md" >}}) and [Command-line arguments]({{< ref "/nic/configuration/global-configuration/command-line-arguments.md" >}}) topics for more information.
 
 {{< note >}} NGINX Ingress Controller does not clear the status of VirtualServer and VirtualServerRoute resources when it is being shut down. {{< /note >}}
 
diff --git a/content/nic/configuration/ingress-resources/advanced-configuration-with-annotations.md b/content/nic/configuration/ingress-resources/advanced-configuration-with-annotations.md
index ee3dbc860..b037f3f82 100644
--- a/content/nic/configuration/ingress-resources/advanced-configuration-with-annotations.md
+++ b/content/nic/configuration/ingress-resources/advanced-configuration-with-annotations.md
@@ -1,10 +1,10 @@
 ---
-docs: DOCS-591
-doctypes:
-- ''
 title: Advanced configuration with Annotations
 toc: true
 weight: 200
+nd-content-type: how-to
+nd-product: NIC
+nd-docs: DOCS-591
 ---
 
 This topic explains how to enable advanced features in F5 NGINX Ingress Controller with Annotations.
@@ -157,7 +157,7 @@ The table below summarizes the available annotations.
 {{<bootstrap-table "table table-striped table-bordered table-responsive">}}
 |Annotation | ConfigMap Key | Description | Default | Example |
 | ---| ---| ---| ---| --- |
-| *nginx.org/lb-method* | *lb-method* | Sets the [load balancing method](https://docs.nginx.com/nginx/admin-guide/load-balancer/http-load-balancer/#choosing-a-load-balancing-method). To use the round-robin method, specify ``"round_robin"``. | *"random two least_conn"* |  |
+| *nginx.org/lb-method* | *lb-method* | Sets the [load balancing method]({{< ref "/nginx/admin-guide/load-balancer/http-load-balancer.md#choosing-a-load-balancing-method" >}}). To use the round-robin method, specify ``"round_robin"``. | *"random two least_conn"* |  |
 | *nginx.org/ssl-services* | N/A | Enables HTTPS or gRPC over SSL when connecting to the endpoints of services. | N/A | [ssl-services](https://github.com/nginx/kubernetes-ingress/tree/v{{< nic-version >}}/examples/ingress-resources/ssl-services) |
 | *nginx.org/grpc-services* | N/A | Enables gRPC for services. Note: requires HTTP/2 (see ``http2* ConfigMap key); only works for Ingresses with TLS termination enabled. | N/A | [grpc-services](https://github.com/nginx/kubernetes-ingress/tree/v{{< nic-version >}}/examples/ingress-resources/grpc-services) |
 | *nginx.org/websocket-services* | N/A | Enables WebSocket for services. | N/A | [websocket](https://github.com/nginx/kubernetes-ingress/tree/v{{< nic-version >}}/examples/ingress-resources/websocket) |
@@ -170,7 +170,7 @@ The table below summarizes the available annotations.
 | *nginx.com/health-checks* | N/A | Enables active health checks. | *False* | [health-checks](https://github.com/nginx/kubernetes-ingress/tree/v{{< nic-version >}}/examples/ingress-resources/health-checks) |
 | *nginx.com/health-checks-mandatory* | N/A | Configures active health checks as mandatory. | *False* | [health-checks](https://github.com/nginx/kubernetes-ingress/tree/v{{< nic-version >}}/examples/ingress-resources/health-checks) |
 | *nginx.com/health-checks-mandatory-queue* | N/A | When active health checks are mandatory, creates a queue where incoming requests are temporarily stored while NGINX Plus is checking the health of the endpoints after a configuration reload. | *0* | [health-checks](https://github.com/nginx/kubernetes-ingress/tree/v{{< nic-version >}}/examples/ingress-resources/health-checks) |
-| *nginx.com/slow-start* | N/A | Sets the upstream server [slow-start period](https://docs.nginx.com/nginx/admin-guide/load-balancer/http-load-balancer/#server-slow-start). By default, slow-start is activated after a server becomes [available](https://docs.nginx.com/nginx/admin-guide/load-balancer/http-health-check/#passive-health-checks) or [healthy](https://docs.nginx.com/nginx/admin-guide/load-balancer/http-health-check/#active-health-checks). To enable slow-start for newly-added servers, configure [mandatory active health checks](https://github.com/nginx/kubernetes-ingress/tree/v{{< nic-version >}}/examples/ingress-resources/health-checks). | *"0s"* |  |
+| *nginx.com/slow-start* | N/A | Sets the upstream server [slow-start period]({{< ref "/nginx/admin-guide/load-balancer/http-load-balancer.md#server-slow-start" >}}). By default, slow-start is activated after a server becomes [available]({{< ref "/nginx/admin-guide/load-balancer/http-health-check.md#passive-health-checks" >}}) or [healthy]({{< ref "/nginx/admin-guide/load-balancer/http-health-check.md#active-health-checks" >}}). To enable slow-start for newly-added servers, configure [mandatory active health checks](https://github.com/nginx/kubernetes-ingress/tree/v{{< nic-version >}}/examples/ingress-resources/health-checks). | *"0s"* |  |
 | *nginx.org/use-cluster-ip* | N/A | Enables using the Cluster IP and port of the service instead of the default behavior of using the IP and port of the pods. When this field is enabled, the fields that configure NGINX behavior related to multiple upstream servers (like ``lb-method* and ``next-upstream``) will have no effect, as NGINX Ingress Controller will configure NGINX with only one upstream server that will match the service Cluster IP.   | *False* |  |
 {{</bootstrap-table>}}
 
diff --git a/content/nic/configuration/ingress-resources/cross-namespace-configuration.md b/content/nic/configuration/ingress-resources/cross-namespace-configuration.md
index 3e92b6403..8a443b4fd 100644
--- a/content/nic/configuration/ingress-resources/cross-namespace-configuration.md
+++ b/content/nic/configuration/ingress-resources/cross-namespace-configuration.md
@@ -1,14 +1,14 @@
 ---
-docs: DOCS-594
-doctypes:
-- ''
 title: Cross-namespace configuration
 toc: true
 weight: 500
+nd-content-type: how-to
+nd-product: NIC
+nd-docs: DOCS-594
 ---
 
 This topic explains how to spread Ingress configuration across different namespaces in F5 NGINX Ingress Controller.
 
 You can spread the Ingress configuration for a common host across multiple Ingress resources using Mergeable Ingress resources. Such resources can belong to the *same* or *different* namespaces. This enables easier management when using a large number of paths. See the [Mergeable Ingress Resources](https://github.com/nginx/kubernetes-ingress/tree/v{{< nic-version >}}/examples/ingress-resources/mergeable-ingress-types) example in our GitHub repo.
 
-As an alternative to Mergeable Ingress resources, you can use [VirtualServer and VirtualServerRoute resources](/nginx-ingress-controller/configuration/virtualserver-and-virtualserverroute-resources/) for cross-namespace configuration. See the [Cross-Namespace Configuration](https://github.com/nginx/kubernetes-ingress/tree/v{{< nic-version >}}/examples/custom-resources/cross-namespace-configuration) example in our GitHub repo.
+As an alternative to Mergeable Ingress resources, you can use [VirtualServer and VirtualServerRoute resources]({{< ref "/nic//configuration/virtualserver-and-virtualserverroute-resources.md" >}}) for cross-namespace configuration. See the [Cross-Namespace Configuration](https://github.com/nginx/kubernetes-ingress/tree/v{{< nic-version >}}/examples/custom-resources/cross-namespace-configuration) example in our GitHub repo.
diff --git a/content/nic/configuration/ingress-resources/custom-annotations.md b/content/nic/configuration/ingress-resources/custom-annotations.md
index 8bbd136b0..a7dd3db81 100644
--- a/content/nic/configuration/ingress-resources/custom-annotations.md
+++ b/content/nic/configuration/ingress-resources/custom-annotations.md
@@ -1,10 +1,10 @@
 ---
-docs: DOCS-595
-doctypes:
-- ''
 title: Custom annotations
 toc: true
 weight: 300
+nd-content-type: how-to
+nd-product: NIC
+nd-docs: DOCS-595
 ---
 
 This topic explains how you can use custom annotations with F5 NGINX Ingress Controller.
@@ -13,7 +13,7 @@ Custom annotations enable you to quickly extend the Ingress resource to support
 
 ## Overview
 
-NGINX Ingress Controller supports a number of annotations for the Ingress resource that fine tune NGINX configuration (for example, connection timeouts) or enable additional features (for example, JWT validation). The complete list of annotations is available [here](/nginx-ingress-controller/configuration/ingress-resources/advanced-configuration-with-annotations).
+NGINX Ingress Controller supports a number of annotations for the Ingress resource that fine tune NGINX configuration (for example, connection timeouts) or enable additional features (for example, JWT validation). The complete list of annotations is available [here]({{< ref "/nic/configuration/ingress-resources/advanced-configuration-with-annotations.md" >}}).
 
 The annotations are provided only for the most common features and use cases, meaning that not every NGINX feature or a customization option is available through the annotations. Additionally, even if an annotation is available, it might not give you the satisfactory level of control of a particular NGINX feature.
 
@@ -72,14 +72,14 @@ Assuming that the Ingress Controller is using that customized template, it will
 
 **Notes**:
 
-- You can customize the template to insert you custom annotations via [custom templates](/nginx-ingress-controller/configuration/global-configuration/custom-templates).
+- You can customize the template to insert you custom annotations via [custom templates]({{< ref "/nic//configuration/global-configuration/custom-templates.md" >}}).
 - The Ingress Controller uses go templates to generate NGINX config. You can read more information about go templates [here](https://golang.org/pkg/text/template/).
 
 See the examples in the next section that use custom annotations to configure NGINX features.
 
 ### Custom Annotations with Mergeable Ingress Resources
 
-A Mergeable Ingress resource consists of multiple Ingress resources - one master and one or several minions. Read more about Mergeable Ingress resources [here](/nginx-ingress-controller/configuration/ingress-resources/cross-namespace-configuration).
+A Mergeable Ingress resource consists of multiple Ingress resources - one master and one or several minions. Read more about Mergeable Ingress resources [here]({{< ref "/nic/configuration/ingress-resources/cross-namespace-configuration.md" >}}).
 
 If you'd like to use custom annotations with Mergeable Ingress resources, please keep the following in mind:
 
diff --git a/content/nic/configuration/policy-resource.md b/content/nic/configuration/policy-resource.md
index 4188188ef..a6c33e3e4 100644
--- a/content/nic/configuration/policy-resource.md
+++ b/content/nic/configuration/policy-resource.md
@@ -2,12 +2,12 @@
 title: Policy resources
 weight: 500
 toc: true
-type: how-to
-product: NIC
-docs: DOCS-596
+nd-content-type: how-to
+nd-product: NIC
+nd-docs: DOCS-596
 ---
 
-The Policy resource allows you to configure features like access control and rate-limiting, which you can add to your [VirtualServer and VirtualServerRoute resources](/nginx-ingress-controller/configuration/virtualserver-and-virtualserverroute-resources/).
+The Policy resource allows you to configure features like access control and rate-limiting, which you can add to your [VirtualServer and VirtualServerRoute resources]({{< ref "/nic/configuration/virtualserver-and-virtualserverroute-resources.md" >}}).
 
 The resource is implemented as a [Custom Resource](https://kubernetes.io/docs/concepts/extend-kubernetes/api-extension/custom-resources/).
 
@@ -15,7 +15,7 @@ This document is the reference documentation for the Policy resource. An example
 
 ## Prerequisites
 
-Policies work together with [VirtualServer and VirtualServerRoute resources](/nginx-ingress-controller/configuration/virtualserver-and-virtualserverroute-resources/), which you need to create separately.
+Policies work together with [VirtualServer and VirtualServerRoute resources]({{< ref "/nic/configuration/virtualserver-and-virtualserverroute-resources.md" >}}), which you need to create separately.
 
 ## Policy Specification
 
@@ -227,7 +227,7 @@ The policies' API keys are securely stored using SHA-256 hashing. When a client
 
 If the hashed keys match, the NGINX JavaScript (NJS) subrequest issues a 204 No Content response to the `auth_request` directive, indicating successful authorization. Conversely, if no API Key is provided in the specified header or query parameter, a 401 Unauthorized response is returned. Similarly, if an invalid key is presented in the expected header or query parameter, a 403 Forbidden response is issued, denying access.
 
-It is possible to use the [errorPages](/nginx-ingress-controller/configuration/virtualserver-and-virtualserverroute-resources/#errorpage) property on a route, to change the default behaviour of 401 or 403 errors.
+It is possible to use the [errorPages]({{< ref "/nic/configuration/virtualserver-and-virtualserverroute-resources.md#errorpage" >}}) property on a route, to change the default behaviour of 401 or 403 errors.
 
 At least one header or query param is required.
 
@@ -362,7 +362,7 @@ action:
         value: ${jwt_header_alg}
 ```
 
-We use the `requestHeaders` of the [Action.Proxy](/nginx-ingress-controller/configuration/virtualserver-and-virtualserverroute-resources/#actionproxy) to set the values of two headers that NGINX will pass to the upstream servers.
+We use the `requestHeaders` of the [Action.Proxy]({{< ref "/nic/configuration/virtualserver-and-virtualserverroute-resources.md#actionproxy" >}}) to set the values of two headers that NGINX will pass to the upstream servers.
 
 The value of the `${jwt_claim_user}` variable is the `user` claim of a JWT. For other claims, use `${jwt_claim_name}`, where `name` is the name of the claim. Note that nested claims and claims that include a period (`.`) are not supported. Similarly, use `${jwt_header_name}` where `name` is the name of a header. In our example, we use the `alg` header.
 
@@ -474,8 +474,8 @@ data:
 
 A VirtualServer that references an IngressMTLS policy must:
 
-- Enable [TLS termination](/nginx-ingress-controller/configuration/virtualserver-and-virtualserverroute-resources/#virtualservertls).
-- Reference the policy in the VirtualServer [`spec`](/nginx-ingress-controller/configuration/virtualserver-and-virtualserverroute-resources/#virtualserver-specification). It is not allowed to reference an IngressMTLS policy in a [`route`](/nginx-ingress-controller/configuration/virtualserver-and-virtualserverroute-resources/#virtualserverroute) or in a VirtualServerRoute [`subroute`](/nginx-ingress-controller/configuration/virtualserver-and-virtualserverroute-resources/#virtualserverroutesubroute).
+- Enable [TLS termination]({{< ref "/nic/configuration/virtualserver-and-virtualserverroute-resources.md#virtualservertls" >}}).
+- Reference the policy in the VirtualServer [`spec`]({{< ref "/nic/configuration/virtualserver-and-virtualserverroute-resources.md#virtualserver-specification" >}}). It is not allowed to reference an IngressMTLS policy in a [`route`](({{< ref "/nic/configuration/virtualserver-and-virtualserverroute-resources.md#virtualserverroute" >}}) or in a VirtualServerRoute [`subroute`]({{< ref "/nic/configuration/virtualserver-and-virtualserverroute-resources.md#virtualserverroutesubroute" >}}).
 
 If the conditions above are not met, NGINX will send the `500` status code to clients.
 
@@ -493,7 +493,7 @@ action:
         value: ${ssl_client_escaped_cert} # client certificate in the PEM format (urlencoded)
 ```
 
-We use the `requestHeaders` of the [Action.Proxy](/nginx-ingress-controller/configuration/virtualserver-and-virtualserverroute-resources/#actionproxy) to set the values of the two headers that NGINX will pass to the upstream servers. See the [list of embedded variables](https://nginx.org/en/docs/http/ngx_http_ssl_module.html#variables) that are supported by the `ngx_http_ssl_module`, which you can use to pass the client certificate details.
+We use the `requestHeaders` of the [Action.Proxy]({{< ref "/nic/configuration/virtualserver-and-virtualserverroute-resources.md#actionproxy" >}}) to set the values of the two headers that NGINX will pass to the upstream servers. See the [list of embedded variables](https://nginx.org/en/docs/http/ngx_http_ssl_module.html#variables) that are supported by the `ngx_http_ssl_module`, which you can use to pass the client certificate details.
 
 {{< note >}}
 
@@ -611,7 +611,7 @@ The feature is implemented using the NGINX [ngx_http_proxy_module](https://nginx
 |``serverName`` | Enables passing of the server name through ``Server Name Indication`` extension. | ``bool`` | No |
 |``sslName`` | Allows overriding the server name used to verify the certificate of the upstream HTTPS server. | ``string`` | No |
 |``ciphers`` | Specifies the enabled ciphers for requests to an upstream HTTPS server. The default is ``DEFAULT``. | ``string`` | No |
-|``protocols`` | Specifies the protocols for requests to an upstream HTTPS server. The default is ``TLSv1 TLSv1.1 TLSv1.2``. | ``string`` | No | > Note: the value of ``ciphers`` and ``protocols`` is not validated by NGINX Ingress Controller. As a result, NGINX can fail to reload the configuration. To ensure that the configuration for a VirtualServer/VirtualServerRoute that references the policy was successfully applied, check its [status](/nginx-ingress-controller/configuration/global-configuration/reporting-resources-status/#virtualserver-and-virtualserverroute-resources). The validation will be added in the future releases. |
+|``protocols`` | Specifies the protocols for requests to an upstream HTTPS server. The default is ``TLSv1 TLSv1.1 TLSv1.2``. | ``string`` | No | > Note: the value of ``ciphers`` and ``protocols`` is not validated by NGINX Ingress Controller. As a result, NGINX can fail to reload the configuration. To ensure that the configuration for a VirtualServer/VirtualServerRoute that references the policy was successfully applied, check its [status]({{< ref "/nic/configuration/global-configuration/reporting-resources-status.md#virtualserver-and-virtualserverroute-resources" >}}). The validation will be added in the future releases. |
 {{% /table %}}
 
 #### EgressMTLS Merging Behavior
@@ -662,7 +662,7 @@ The feature is implemented using the [reference implementation](https://github.c
 
 #### Prerequisites
 
-In order to use OIDC, you need to enable [zone synchronization](https://docs.nginx.com/nginx/admin-guide/high-availability/zone_sync/). If you don't set up zone synchronization, NGINX Plus will fail to reload.
+In order to use OIDC, you need to enable [zone synchronization]({{< ref "/nginx/admin-guide/high-availability/zone_sync.md" >}}). If you don't set up zone synchronization, NGINX Plus will fail to reload.
 You also need to configure a resolver, which NGINX Plus will use to resolve the IDP authorization endpoint. You can find an example configuration [in our GitHub repository](https://github.com/nginx/kubernetes-ingress/blob/v{{< nic-version >}}/examples/custom-resources/oidc#step-7---configure-nginx-plus-zone-synchronization-and-resolver).
 
 {{< warning >}}
@@ -734,9 +734,9 @@ webapp-policy   27m
 
 For `kubectl get` and similar commands, you can also use the short name `pol` instead of `policy`.
 
-### WAF {#waf}
+### WAF
 
-{{< note >}} The feature is implemented using the NGINX Plus [NGINX App Protect WAF Module](https://docs.nginx.com/nginx-app-protect/configuration/). {{< /note >}}
+{{< note >}} The feature is implemented using the NGINX Plus [NGINX App Protect WAF Module]({{< ref "/nap-waf/" >}}). {{< /note >}}
 
 The WAF policy configures NGINX Plus to secure client requests using App Protect WAF policies.
 
@@ -867,7 +867,7 @@ For an invalid policy, NGINX returns the 500 status code for client requests wit
 - If a policy is referenced in a VirtualServer `route` or a VirtualServerRoute `subroute`, then NGINX will return the 500 status code for requests for the URIs of that route/subroute.
 - If a policy is referenced in the VirtualServer `spec`, then NGINX will return the 500 status code for requests for all URIs of that VirtualServer.
 
-If a policy is invalid, the VirtualServer or VirtualServerRoute will have the [status](/nginx-ingress-controller/configuration/global-configuration/reporting-resources-status#virtualserver-and-virtualserverroute-resources) with the state `Warning` and the message explaining why the policy wasn't considered invalid.
+If a policy is invalid, the VirtualServer or VirtualServerRoute will have the [status]({{< ref "/nic/configuration/global-configuration/reporting-resources-status.md#virtualserver-and-virtualserverroute-resources" >}}) with the state `Warning` and the message explaining why the policy wasn't considered invalid.
 
 ### Validation
 
diff --git a/content/nic/configuration/security.md b/content/nic/configuration/security.md
index f0b74f6a3..c2637af8a 100644
--- a/content/nic/configuration/security.md
+++ b/content/nic/configuration/security.md
@@ -1,10 +1,10 @@
 ---
-docs: DOCS-597
-doctypes:
-- ''
 title: Security recommendations
 toc: true
 weight: 300
+nd-content-type: reference
+nd-product: NIC
+nd-docs: DOCS-597
 ---
 
 F5 NGINX Ingress Controller follows Kubernetes best practices: this page outlines configuration specific to NGINX Ingress Controller you may require, including links to examples in the [GitHub repository](https://github.com/nginx/kubernetes-ingress/tree/v{{< nic-version >}}/examples).
@@ -34,7 +34,7 @@ By default, the ServiceAccount has access to all Secret resources in the cluster
 ### Configure root filesystem as read-only
 
 {{< caution >}}
- This feature is compatible with [NGINX App Protect WAFv5](https://docs.nginx.com/nginx-app-protect-waf/v5/). It is not compatible with [NGINX App Protect WAFv4](https://docs.nginx.com/nginx-app-protect-waf/v4/) or [NGINX App Protect DoS](https://docs.nginx.com/nginx-app-protect-dos/).
+ This feature is compatible with [NGINX App Protect WAF v5]({{< ref "/nap-waf/v5/" >}}). It is not compatible with [NGINX App Protect WAF v4]({{< ref "/nap-waf/v4/" >}}) or [NGINX App Protect DoS]({{< ref "/nap-dos/" >}}).
 {{< /caution >}}
 
 NGINX Ingress Controller is designed to be resilient against attacks in various ways, such as running the service as non-root to avoid changes to files. We recommend setting filesystems on all containers to read-only, this includes `nginx-ingress-controller`, though also includes `waf-enforcer` and `waf-config-mgr` when NGINX App Protect WAFv5 is in use.  This is so that the attack surface is further reduced by limiting changes to binaries and libraries.
diff --git a/content/nic/configuration/virtualserver-and-virtualserverroute-resources.md b/content/nic/configuration/virtualserver-and-virtualserverroute-resources.md
index 1acd05b02..31f4d2c3f 100644
--- a/content/nic/configuration/virtualserver-and-virtualserverroute-resources.md
+++ b/content/nic/configuration/virtualserver-and-virtualserverroute-resources.md
@@ -2,7 +2,9 @@
 title: VirtualServer and VirtualServerRoute resources
 toc: true
 weight: 700
-docs: DOCS-599
+nd-content-type: reference
+nd-product: NIC
+nd-docs: DOCS-599
 ---
 
 This document is reference material for the VirtualServer and VirtualServerRoute resources used by F5 NGINX Ingress Controller.
@@ -54,13 +56,12 @@ spec:
       pass: tea
 ```
 
-{{<bootstrap-table "table table-striped table-bordered table-responsive">}}
 |Field | Description | Type | Required |
 | ---| ---| ---| --- |
-|``host`` | The host (domain name) of the server. Must be a valid subdomain as defined in RFC 1123, such as ``my-app`` or ``hello.example.com``. When using a wildcard domain like ``*.example.com`` the domain must be contained in double quotes.  The ``host`` value needs to be unique among all Ingress and VirtualServer resources. See also [Handling Host and Listener Collisions](/nginx-ingress-controller/configuration/host-and-listener-collisions). | ``string`` | Yes |
+|``host`` | The host (domain name) of the server. Must be a valid subdomain as defined in RFC 1123, such as ``my-app`` or ``hello.example.com``. When using a wildcard domain like ``*.example.com`` the domain must be contained in double quotes. The ``host`` value needs to be unique among all Ingress and VirtualServer resources. See also [Handling Host and Listener Collisions]({{< ref "/nic/configuration/host-and-listener-collisions.md" >}}). | ``string`` | Yes |
 |``listener`` | Sets a custom HTTP and/or HTTPS listener. Valid fields are `listener.http` and `listener.https`. Each field must reference the name of a valid listener defined in a GlobalConfiguration resource | [listener](#virtualserverlistener) | No |
 |``tls`` | The TLS termination configuration. | [tls](#virtualservertls) | No |
-|``gunzip`` | Enables or disables [decompression](https://docs.nginx.com/nginx/admin-guide/web-server/compression/) of gzipped responses for clients. Allowed values “on”/“off”, “true”/“false” or “yes”/“no”. If the ``gunzip`` value is not set, it defaults to ``off``.   | ``boolean`` | No |
+|``gunzip`` | Enables or disables [decompression]({{< ref "/nginx/admin-guide/web-server/compression.md" >}}) of gzipped responses for clients. Allowed values “on”/“off”, “true”/“false” or “yes”/“no”. If the ``gunzip`` value is not set, it defaults to ``off``.   | ``boolean`` | No |
 |``externalDNS`` | The externalDNS configuration for a VirtualServer. | [externalDNS](#virtualserverexternaldns) | No |
 |``dos`` | A reference to a DosProtectedResource, setting this enables DOS protection of the VirtualServer. | ``string`` | No |
 |``policies`` | A list of policies. | [[]policy](#virtualserverpolicy) | No |
@@ -70,7 +71,6 @@ spec:
 |``internalRoute`` | Specifies if the VirtualServer resource is an internal route or not. | ``boolean`` | No |
 |``http-snippets`` | Sets a custom snippet in the http context. | ``string`` | No |
 |``server-snippets`` | Sets a custom snippet in server context. Overrides the ``server-snippets`` ConfigMap key. | ``string`` | No |
-{{</bootstrap-table>}}
 
 ### VirtualServer.TLS
 
@@ -85,7 +85,7 @@ redirect:
 {{<bootstrap-table "table table-striped table-bordered table-responsive">}}
 |Field | Description | Type | Required |
 | ---| ---| ---| --- |
-|``secret`` | The name of a secret with a TLS certificate and key. The secret must belong to the same namespace as the VirtualServer. The secret must be of the type ``kubernetes.io/tls`` and contain keys named ``tls.crt`` and ``tls.key`` that contain the certificate and private key as described [here](https://kubernetes.io/docs/concepts/services-networking/ingress/#tls). If the secret doesn't exist or is invalid, NGINX will break any attempt to establish a TLS connection to the host of the VirtualServer. If the secret is not specified but [wildcard TLS secret](/nginx-ingress-controller/configuration/global-configuration/command-line-arguments#cmdoption-wildcard-tls-secret) is configured, NGINX will use the wildcard secret for TLS termination. | ``string`` | No |
+|``secret`` | The name of a secret with a TLS certificate and key. The secret must belong to the same namespace as the VirtualServer. The secret must be of the type ``kubernetes.io/tls`` and contain keys named ``tls.crt`` and ``tls.key`` that contain the certificate and private key as described [here](https://kubernetes.io/docs/concepts/services-networking/ingress/#tls). If the secret doesn't exist or is invalid, NGINX will break any attempt to establish a TLS connection to the host of the VirtualServer. If the secret is not specified but [wildcard TLS secret]({{< ref "/nic/configuration/global-configuration/command-line-arguments.md#cmdoption-wildcard-tls-secret" >}}) is configured, NGINX will use the wildcard secret for TLS termination. | ``string`` | No |
 |``redirect`` | The redirect configuration of the TLS for a VirtualServer. | [tls.redirect](#virtualservertlsredirect) | No | ### VirtualServer.TLS.Redirect |
 |``cert-manager`` | The cert-manager configuration of the TLS for a VirtualServer. | [tls.cert-manager](#virtualservertlscertmanager) | No | ### VirtualServer.TLS.CertManager |
 {{</bootstrap-table>}}
@@ -133,7 +133,7 @@ cert-manager:
 
 ### VirtualServer.Listener
 The listener field defines a custom HTTP and/or HTTPS listener.
-The respective listeners used must reference the name of a listener defined using a [GlobalConfiguration](/nginx-ingress-controller/configuration/global-configuration/globalconfiguration-resource/) resource.
+The respective listeners used must reference the name of a listener defined using a [GlobalConfiguration]({{< ref "/nic/configuration/global-configuration/globalconfiguration-resource.md" >}}) resource.
 For example:
 ```yaml
 http: http-8083
@@ -143,8 +143,8 @@ https: https-8443
 {{<bootstrap-table "table table-striped table-bordered table-responsive">}}
 |Field | Description | Type | Required |
 | ---| ---| ---| --- |
-|``http`` |  The name of am HTTP listener defined in a [GlobalConfiguration](/nginx-ingress-controller/configuration/global-configuration/globalconfiguration-resource/) resource. | ``string`` | No |
-|``https`` |  The name of an HTTPS listener defined in a [GlobalConfiguration](/nginx-ingress-controller/configuration/global-configuration/globalconfiguration-resource/) resource. | ``string`` | No |
+|``http`` |  The name of am HTTP listener defined in a [GlobalConfiguration]({{< ref "/nic/configuration/global-configuration/globalconfiguration-resource.md" >}}) resource. | ``string`` | No |
+|``https`` |  The name of an HTTPS listener defined in a [GlobalConfiguration]({{< ref "/nic/configuration/global-configuration/globalconfiguration-resource.md" >}}) resource. | ``string`` | No |
 {{</bootstrap-table>}}
 
 ### VirtualServer.ExternalDNS
@@ -185,7 +185,7 @@ The providerSpecific field of the externalDNS block allows the specification of
 
 ### VirtualServer.Policy
 
-The policy field references a [Policy resource](/nginx-ingress-controller/configuration/policy-resource/) by its name and optional namespace. For example:
+The policy field references a [Policy resource]({{< ref "/nic/configuration/policy-resource.md" >}}) by its name and optional namespace. For example:
 
 ```yaml
 name: access-control
@@ -212,7 +212,7 @@ The route defines rules for matching client requests to actions like passing a r
 |Field | Description | Type | Required |
 | ---| ---| ---| --- |
 |``path`` | The path of the route. NGINX will match it against the URI of a request. Possible values are: a prefix ( ``/`` , ``/path`` ), an exact match ( ``=/exact/match`` ), a case insensitive regular expression ( ``~*^/Bar.*\.jpg`` ) or a case sensitive regular expression ( ``~^/foo.*\.jpg`` ). In the case of a prefix (must start with ``/`` ) or an exact match (must start with ``=`` ), the path must not include any whitespace characters, ``{`` , ``}`` or ``;``. In the case of the regex matches, all double quotes ``"`` must be escaped and the match can't end in an unescaped backslash ``\``. The path must be unique among the paths of all routes of the VirtualServer. Check the [location](https://nginx.org/en/docs/http/ngx_http_core_module.html#location) directive for more information. | ``string`` | Yes |
-|``policies`` | A list of policies. The policies override the policies of the same type defined in the ``spec`` of the VirtualServer. See [Applying Policies](/nginx-ingress-controller/configuration/policy-resource/#applying-policies) for more details. | [[]policy](#virtualserverpolicy) | No |
+|``policies`` | A list of policies. The policies override the policies of the same type defined in the ``spec`` of the VirtualServer. See [Applying Policies]({{< ref "/nic/configuration/policy-resource.md#applying-policies" >}}) for more details. | [[]policy](#virtualserverpolicy) | No |
 |``action`` | The default action to perform for a request. | [action](#action) | No |
 |``dos`` | A reference to a DosProtectedResource, setting this enables DOS protection of the VirtualServer route. | ``string`` | No |
 |``splits`` | The default splits configuration for traffic splitting. Must include at least 2 splits. | [[]split](#split) | No |
@@ -226,7 +226,7 @@ The route defines rules for matching client requests to actions like passing a r
 
 ## VirtualServerRoute specification
 
-The VirtualServerRoute resource defines a route for a VirtualServer. It can consist of one or multiple subroutes. The VirtualServerRoute is an alternative to [Mergeable Ingress types](/nginx-ingress-controller/configuration/ingress-resources/cross-namespace-configuration).
+The VirtualServerRoute resource defines a route for a VirtualServer. It can consist of one or multiple subroutes. The VirtualServerRoute is an alternative to [Mergeable Ingress types]({{< ref "/nic/configuration/ingress-resources/cross-namespace-configuration.md" >}}).
 
 In the example below, the VirtualServer `cafe` from the namespace `cafe-ns` defines a route with the path `/coffee`, which is further defined in the VirtualServerRoute `coffee` from the namespace `coffee-ns`.
 
@@ -303,7 +303,7 @@ action:
 |Field | Description | Type | Required |
 | ---| ---| ---| --- |
 |``path`` | The path of the subroute. NGINX will match it against the URI of a request. Possible values are: a prefix ( ``/`` , ``/path`` ), an exact match ( ``=/exact/match`` ), a case insensitive regular expression ( ``~*^/Bar.*\.jpg`` ) or a case sensitive regular expression ( ``~^/foo.*\.jpg`` ). In the case of a prefix, the path must start with the same path as the path of the route of the VirtualServer that references this resource. In the case of an exact or regex match, the path must be the same as the path of the route of the VirtualServer that references this resource. A matching path of the route of the VirtualServer but in different type is not accepted, e.g. a regex path (`~/match`) cannot be used with a prefix path in VirtualServer (`/match`) In the case of a prefix or an exact match, the path must not include any whitespace characters, ``{`` , ``}`` or ``;``.  In the case of the regex matches, all double quotes ``"`` must be escaped and the match can't end in an unescaped backslash ``\``. The path must be unique among the paths of all subroutes of the VirtualServerRoute. | ``string`` | Yes |
-|``policies`` | A list of policies. The policies override *all* policies defined in the route of the VirtualServer that references this resource. The policies also override the policies of the same type defined in the ``spec`` of the VirtualServer. See [Applying Policies](/nginx-ingress-controller/configuration/policy-resource/#applying-policies) for more details. | [[]policy](#virtualserverpolicy) | No |
+|``policies`` | A list of policies. The policies override *all* policies defined in the route of the VirtualServer that references this resource. The policies also override the policies of the same type defined in the ``spec`` of the VirtualServer. See [Applying Policies]({{< ref "/nic/configuration/policy-resource.md#applying-policies" >}}) for more details. | [[]policy](#virtualserverpolicy) | No |
 |``action`` | The default action to perform for a request. | [action](#action) | No |
 |``dos`` | A reference to a DosProtectedResource, setting this enables DOS protection of the VirtualServerRoute subroute. | ``string`` | No |
 |``splits`` | The default splits configuration for traffic splitting. Must include at least 2 splits. | [[]split](#split) | No |
@@ -352,7 +352,7 @@ tls:
 |``subselector`` | Selects the pods within the service using label keys and values. By default, all pods of the service are selected. Note: the specified labels are expected to be present in the pods when they are created. If the pod labels are updated, NGINX Ingress Controller will not see that change until the number of the pods is changed. | ``map[string]string`` | No |
 |``use-cluster-ip`` | Enables using the Cluster IP and port of the service instead of the default behavior of using the IP and port of the pods. When this field is enabled, the fields that configure NGINX behavior related to multiple upstream servers (like ``lb-method`` and ``next-upstream``) will have no effect, as NGINX Ingress Controller will configure NGINX with only one upstream server that will match the service Cluster IP. | ``boolean`` | No |
 |``port`` | The port of the service. If the service doesn't define that port, NGINX will assume the service has zero endpoints and return a ``502`` response for requests for this upstream. The port must fall into the range ``1..65535``. | ``uint16`` | Yes |
-|``lb-method`` | The load [balancing method](https://docs.nginx.com/nginx/admin-guide/load-balancer/http-load-balancer/#choosing-a-load-balancing-method). To use the round-robin method, specify ``round_robin``. The default is specified in the ``lb-method`` ConfigMap key. | ``string`` | No |
+|``lb-method`` | The load [balancing method]({{< ref "/nginx/admin-guide/load-balancer/http-load-balancer.md#choosing-a-load-balancing-method" >}}). To use the round-robin method, specify ``round_robin``. The default is specified in the ``lb-method`` ConfigMap key. | ``string`` | No |
 |``fail-timeout`` | The time during which the specified number of unsuccessful attempts to communicate with an upstream server should happen to consider the server unavailable. See the [fail_timeout](https://nginx.org/en/docs/http/ngx_http_upstream_module.html#fail_timeout) parameter of the server directive. The default is set in the ``fail-timeout`` ConfigMap key. | ``string`` | No |
 |``max-fails`` | The number of unsuccessful attempts to communicate with an upstream server that should happen in the duration set by the ``fail-timeout`` to consider the server unavailable. See the [max_fails](https://nginx.org/en/docs/http/ngx_http_upstream_module.html#max_fails) parameter of the server directive. The default is set in the ``max-fails`` ConfigMap key. | ``int`` | No |
 |``max-conns`` | The maximum number of simultaneous active connections to an upstream server. See the [max_conns](https://nginx.org/en/docs/http/ngx_http_upstream_module.html#max_conns) parameter of the server directive. By default there is no limit. Note: if keepalive connections are enabled, the total number of active and idle keepalive connections to an upstream server may exceed the ``max_conns`` value. | ``int`` | No |
@@ -372,7 +372,7 @@ tls:
 |``buffers`` | Configures the buffers used for reading a response from the upstream server for a single connection. | [buffers](#upstreambuffers) | No |
 |``buffer-size`` | Sets the size of the buffer used for reading the first part of a response received from the upstream server. See the [proxy_buffer_size](https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_buffer_size) directive. The default is set in the ``proxy-buffer-size`` ConfigMap key. | ``string`` | No |
 |``ntlm`` | Allows proxying requests with NTLM Authentication. See the [ntlm](https://nginx.org/en/docs/http/ngx_http_upstream_module.html#ntlm) directive. In order for NTLM authentication to work, it is necessary to enable keepalive connections to upstream servers using the ``keepalive`` field. Note: this feature is supported only in NGINX Plus.| ``boolean`` | No |
-|``type`` |The type of the upstream. Supported values are ``http`` and ``grpc``. The default is ``http``. For gRPC, it is necessary to enable HTTP/2 in the [ConfigMap](/nginx-ingress-controller/configuration/global-configuration/configmap-resource/#listeners) and configure TLS termination in the VirtualServer. | ``string`` | No |
+|``type`` |The type of the upstream. Supported values are ``http`` and ``grpc``. The default is ``http``. For gRPC, it is necessary to enable HTTP/2 in the [ConfigMap]({{< ref "/nic/configuration/global-configuration/configmap-resource.md#listeners" >}}) and configure TLS termination in the VirtualServer. | ``string`` | No |
 |``backup`` | The name of the backup service of type [ExternalName](https://kubernetes.io/docs/concepts/services-networking/service/#externalname). This will be used when the primary servers are unavailable. Note: The parameter cannot be used along with the ``random`` , ``hash`` or ``ip_hash`` load balancing methods. | ``string`` | No |
 |``backupPort`` | The port of the backup service. The backup port is required if the backup service name is provided. The port must fall into the range ``1..65535``. | ``uint16`` | No |
 {{</bootstrap-table>}}
@@ -400,7 +400,7 @@ See the [proxy_buffers](https://nginx.org/en/docs/http/ngx_http_proxy_module.htm
 {{<bootstrap-table "table table-striped table-bordered table-responsive">}}
 |Field | Description | Type | Required |
 | ---| ---| ---| --- |
-|``enable`` | Enables HTTPS for requests to upstream servers. The default is ``False`` , meaning that HTTP will be used. Note: by default, NGINX will not verify the upstream server certificate. To enable the verification, configure an [EgressMTLS Policy](/nginx-ingress-controller/configuration/policy-resource/#egressmtls). | ``boolean`` | No |
+|``enable`` | Enables HTTPS for requests to upstream servers. The default is ``False`` , meaning that HTTP will be used. Note: by default, NGINX will not verify the upstream server certificate. To enable the verification, configure an [EgressMTLS Policy]({{< ref "/nic/configuration/policy-resource/#egressmtls" >}}). | ``boolean`` | No |
 {{</bootstrap-table>}}
 
 ### Upstream.Queue
@@ -425,7 +425,7 @@ Note: This feature is supported only in NGINX Plus.
 
 ### Upstream.Healthcheck
 
-The Healthcheck defines an [active health check](https://docs.nginx.com/nginx/admin-guide/load-balancer/http-health-check/). In the example below we enable a health check for an upstream and configure all the available parameters, including the `slow-start` parameter combined with [`mandatory` and `persistent`](https://docs.nginx.com/nginx/admin-guide/load-balancer/http-health-check/#mandatory-health-checks):
+The Healthcheck defines an [active health check]({{< ref "/nginx/admin-guide/load-balancer.md#http-health-check" >}}). In the example below we enable a health check for an upstream and configure all the available parameters, including the `slow-start` parameter combined with [`mandatory` and `persistent`]({{< ref "/nginx/admin-guide/load-balancer/http-health-check.md#mandatory-health-checks" >}}):
 
 ```yaml
 name: tea
@@ -1089,7 +1089,7 @@ NGINX Ingress Controller validates VirtualServerRoute resources in a similar way
 
 ## Customization using ConfigMap
 
-You can customize the NGINX configuration for VirtualServer and VirtualServerRoutes resources using the [ConfigMap](/nginx-ingress-controller/configuration/global-configuration/configmap-resource). Most of the ConfigMap keys are supported, with the following exceptions:
+You can customize the NGINX configuration for VirtualServer and VirtualServerRoutes resources using the [ConfigMap]({{< ref "/nic/configuration/global-configuration/configmap-resource.md" >}}). Most of the ConfigMap keys are supported, with the following exceptions:
 
 - `proxy-hide-headers`
 - `proxy-pass-headers`
diff --git a/content/nic/installation/ingress-nginx.md b/content/nic/installation/ingress-nginx.md
index cdace0791..cc8fc2ebb 100644
--- a/content/nic/installation/ingress-nginx.md
+++ b/content/nic/installation/ingress-nginx.md
@@ -459,17 +459,17 @@ This table maps the Ingress-NGINX Controller annotations to NGINX Ingress Contro
 {{< bootstrap-table "table table-bordered table-striped table-responsive" >}}
 | Ingress-NGINX Controller | NGINX Ingress Controller | NGINX Directive |
 | ------------------------ | ------------------------ | --------------- |
-| [_nginx.ingress.kubernetes.io/configuration-snippet_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/annotations/#configuration-snippet) | [_nginx.org/location-snippets_](https://docs.nginx.com/nginx-ingress-controller/configuration/ingress-resources/advanced-configuration-with-annotations/#snippets-and-custom-templates) | N/A |
-| [_nginx.ingress.kubernetes.io/load-balance_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/annotations/#custom-nginx-load-balancing) (1) |  [_nginx.org/lb-method_](https://docs.nginx.com/nginx-ingress-controller/configuration/ingress-resources/advanced-configuration-with-annotations/#backend-services-upstreams) | [_random two least_conn_](https://nginx.org/en/docs/http/ngx_http_upstream_module.html#random) |
-| [_nginx.ingress.kubernetes.io/proxy-buffering_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/annotations/#proxy-buffering) | [_nginx.org/proxy-buffering_](https://docs.nginx.com/nginx-ingress-controller/configuration/ingress-resources/advanced-configuration-with-annotations/#general-customization) | [_proxy_buffering_](https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_buffering) |
-| [_nginx.ingress.kubernetes.io/proxy-buffers-number_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/annotations/#proxy-buffers-number) | [_nginx.org/proxy-buffers_](https://docs.nginx.com/nginx-ingress-controller/configuration/ingress-resources/advanced-configuration-with-annotations/#general-customization) | [_proxy_buffers_](https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_buffers) |
-| [_nginx.ingress.kubernetes.io/proxy-buffer-size_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/annotations/#proxy-buffer-size) | [_nginx.org/proxy-buffer-size_](https://docs.nginx.com/nginx-ingress-controller/configuration/ingress-resources/advanced-configuration-with-annotations/#general-customization) | [_proxy_buffer_size_](https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_buffer_size) |
-| [_nginx.ingress.kubernetes.io/proxy-connect-timeout_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/annotations/#custom-timeouts) | [_nginx.org/proxy-connect-timeout_](https://docs.nginx.com/nginx-ingress-controller/configuration/ingress-resources/advanced-configuration-with-annotations/#general-customization) | [_proxy_connect_timeout_](https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_connect_timeout) |
-| [_nginx.ingress.kubernetes.io/proxy-read-timeout_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/annotations/#custom-timeouts) | [_nginx.org/proxy-read-timeout_](https://docs.nginx.com/nginx-ingress-controller/configuration/ingress-resources/advanced-configuration-with-annotations/#general-customization) | [_proxy_read_timeout_](https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_read_timeout) |
-| [_nginx.ingress.kubernetes.io/proxy-send-timeout_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/annotations/#custom-timeouts) | [_nginx.org/proxy-send-timeout_](https://docs.nginx.com/nginx-ingress-controller/configuration/ingress-resources/advanced-configuration-with-annotations/#general-customization) | [_proxy_send_timeout_](https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_send_timeout) |
-| [_nginx.ingress.kubernetes.io/rewrite-target_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/annotations/#rewrite) | [_nginx.org/rewrites_](https://docs.nginx.com/nginx-ingress-controller/configuration/ingress-resources/advanced-configuration-with-annotations/#request-uriheader-manipulation) | [_rewrite_](https://nginx.org/en/docs/http/ngx_http_rewrite_module.html#rewrite) |
-| [_nginx.ingress.kubernetes.io/server-snippet_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/annotations/#server-snippet)| [_nginx.org/server-snippets_](https://docs.nginx.com/nginx-ingress-controller/configuration/ingress-resources/advanced-configuration-with-annotations/#snippets-and-custom-templates) | N/A |
-| [_nginx.ingress.kubernetes.io/ssl-redirect_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/annotations/#server-side-https-enforcement-through-redirect) | [_ingress.kubernetes.io/ssl-redirect_](https://docs.nginx.com/nginx-ingress-controller/configuration/ingress-resources/advanced-configuration-with-annotations/#auth-and-ssltls) | N/A (2) |
+| [_nginx.ingress.kubernetes.io/configuration-snippet_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/annotations/#configuration-snippet) | [_nginx.org/location-snippets_]({{< ref "/nic/configuration/ingress-resources/advanced-configuration-with-annotations.md#snippets-and-custom-templates" >}}) | N/A |
+| [_nginx.ingress.kubernetes.io/load-balance_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/annotations/#custom-nginx-load-balancing) (1) |  [_nginx.org/lb-method_]({{< ref "/nic/configuration/ingress-resources/advanced-configuration-with-annotations.md#backend-services-upstreams" >}}) | [_random two least_conn_](https://nginx.org/en/docs/http/ngx_http_upstream_module.html#random) |
+| [_nginx.ingress.kubernetes.io/proxy-buffering_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/annotations/#proxy-buffering) | [_nginx.org/proxy-buffering_]({{< ref "/nic/configuration/ingress-resources/advanced-configuration-with-annotations.md#general-customization" >}}) | [_proxy_buffering_](https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_buffering) |
+| [_nginx.ingress.kubernetes.io/proxy-buffers-number_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/annotations/#proxy-buffers-number) | [_nginx.org/proxy-buffers_]({{< ref "/nic/configuration/ingress-resources/advanced-configuration-with-annotations.md#general-customization" >}}) | [_proxy_buffers_](https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_buffers) |
+| [_nginx.ingress.kubernetes.io/proxy-buffer-size_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/annotations/#proxy-buffer-size) | [_nginx.org/proxy-buffer-size_]({{< ref "/nic/configuration/ingress-resources/advanced-configuration-with-annotations.md#general-customization" >}}) | [_proxy_buffer_size_](https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_buffer_size) |
+| [_nginx.ingress.kubernetes.io/proxy-connect-timeout_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/annotations/#custom-timeouts) | [_nginx.org/proxy-connect-timeout_]({{< ref "/nic/configuration/ingress-resources/advanced-configuration-with-annotations.md#general-customization" >}}) | [_proxy_connect_timeout_](https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_connect_timeout) |
+| [_nginx.ingress.kubernetes.io/proxy-read-timeout_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/annotations/#custom-timeouts) | [_nginx.org/proxy-read-timeout_]({{< ref "/nic/configuration/ingress-resources/advanced-configuration-with-annotations.md#general-customization" >}}) | [_proxy_read_timeout_](https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_read_timeout) |
+| [_nginx.ingress.kubernetes.io/proxy-send-timeout_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/annotations/#custom-timeouts) | [_nginx.org/proxy-send-timeout_]({{< ref "/nic/configuration/ingress-resources/advanced-configuration-with-annotations.md#general-customization" >}}) | [_proxy_send_timeout_](https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_send_timeout) |
+| [_nginx.ingress.kubernetes.io/rewrite-target_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/annotations/#rewrite) | [_nginx.org/rewrites_]({{< ref "/nic/configuration/ingress-resources/advanced-configuration-with-annotations.md#request-uriheader-manipulation" >}}) | [_rewrite_](https://nginx.org/en/docs/http/ngx_http_rewrite_module.html#rewrite) |
+| [_nginx.ingress.kubernetes.io/server-snippet_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/annotations/#server-snippet)| [_nginx.org/server-snippets_]({{< ref "/nic/configuration/ingress-resources/advanced-configuration-with-annotations.md#snippets-and-custom-templates" >}}) | N/A |
+| [_nginx.ingress.kubernetes.io/ssl-redirect_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/annotations/#server-side-https-enforcement-through-redirect) | [_ingress.kubernetes.io/ssl-redirect_]({{< ref "/nic/configuration/ingress-resources/advanced-configuration-with-annotations.md#auth-and-ssltls" >}}) | N/A (2) |
 {{% /bootstrap-table %}}
 
 1. Ingress-NGINX Controller implements some of its load balancing algorithms with Lua, which may not have an equivalent in NGINX Ingress Controller.
@@ -505,42 +505,42 @@ Some of the key names are identical, and each Ingress Controller has ConfigMap k
 {{< bootstrap-table "table table-bordered table-striped table-responsive" >}}
 | Ingress-NGINX Controller | NGINX Ingress Controller |
 | ------------------------ | ------------------------ |
-| [_disable-access-log_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#disable-access-log) | [_access-log-off_](https://docs.nginx.com/nginx-ingress-controller/configuration/global-configuration/configmap-resource/#logging) |
-| [_error-log-level_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#error-log-level) | [_error-log-level_](https://docs.nginx.com/nginx-ingress-controller/configuration/global-configuration/configmap-resource/#logging) |
-| [_hsts_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#hsts) | [_hsts_](https://docs.nginx.com/nginx-ingress-controller/configuration/global-configuration/configmap-resource/#auth-and-ssltls) |
-| [_hsts-include-subdomains_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#hsts-include-subdomains) | [_hsts-include-subdomains_](https://docs.nginx.com/nginx-ingress-controller/configuration/global-configuration/configmap-resource/#auth-and-ssltls)       |
-| [_hsts-max-age_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#hsts-max-age) | [_hsts-max-age_](https://docs.nginx.com/nginx-ingress-controller/configuration/global-configuration/configmap-resource/#auth-and-ssltls) |
-| [_http-snippet_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#http-snippet) | [_http-snippets_](https://docs.nginx.com/nginx-ingress-controller/configuration/global-configuration/configmap-resource/#snippets-and-custom-templates) |
-| [_keep-alive_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#keep-alive) | [_keepalive-timeout_](https://docs.nginx.com/nginx-ingress-controller/configuration/global-configuration/configmap-resource/#general-customization) |
-| [_keep-alive-requests_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#keep-alive-requests) | [_keepalive-requests_](https://docs.nginx.com/nginx-ingress-controller/configuration/global-configuration/configmap-resource/#general-customization) |
-| [_load-balance_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#load-balance) | [_lb-method_](https://docs.nginx.com/nginx-ingress-controller/configuration/global-configuration/configmap-resource/#backend-services-upstreams) |
-| [_location-snippet_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#location-snippet) | [_location-snippets_](https://docs.nginx.com/nginx-ingress-controller/configuration/global-configuration/configmap-resource/#snippets-and-custom-templates) |
-| [_log-format-escape-json_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#log-format-escape-json) | [_log-format-escaping: "json"_](https://docs.nginx.com/nginx-ingress-controller/configuration/global-configuration/configmap-resource/#logging) |
-| [_log-format-stream_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#log-format-stream) | [_stream-log-format_](https://docs.nginx.com/nginx-ingress-controller/configuration/global-configuration/configmap-resource/#logging) |
-| [_log-format-upstream_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#log-format-upstream) | [_log-format_](https://docs.nginx.com/nginx-ingress-controller/configuration/global-configuration/configmap-resource/#logging) |
-| [_main-snippet_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#main-snippet) | [_main-snippets_](https://docs.nginx.com/nginx-ingress-controller/configuration/global-configuration/configmap-resource/#snippets-and-custom-templates) |
-| [_max-worker-connections_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#max-worker-connections) | [_worker-connections_](https://docs.nginx.com/nginx-ingress-controller/configuration/global-configuration/configmap-resource/#general-customization) |
-| [_max-worker-open-files_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#max-worker-open-files) | [_worker-rlimit-nofile_](https://docs.nginx.com/nginx-ingress-controller/configuration/global-configuration/configmap-resource/#general-customization) |
-| [_proxy-body-size_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#proxy-body-size) | [_client-max-body-size_](https://docs.nginx.com/nginx-ingress-controller/configuration/global-configuration/configmap-resource/#general-customization) |
-| [_proxy-buffering_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#proxy-buffering) | [_proxy-buffering_](https://docs.nginx.com/nginx-ingress-controller/configuration/global-configuration/configmap-resource/#general-customization) |
-| [_proxy-buffers-number_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#proxy-buffers-number) | [_proxy-buffers: number size_](https://docs.nginx.com/nginx-ingress-controller/configuration/global-configuration/configmap-resource/#general-customization) |
-| [_proxy-buffer-size_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#proxy-buffer-size) | [_proxy-buffers: number size_](https://docs.nginx.com/nginx-ingress-controller/configuration/global-configuration/configmap-resource/#general-customization) |
-| [_proxy-connect-timeout_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#proxy-connect-timeout) | [_proxy-connect-timeout_](https://docs.nginx.com/nginx-ingress-controller/configuration/global-configuration/configmap-resource/#general-customization) |
-| [_proxy-read-timeout_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#proxy-read-timeout) | [_proxy-read-timeout_](https://docs.nginx.com/nginx-ingress-controller/configuration/global-configuration/configmap-resource/#general-customization) |
-| [_proxy-send-timeout_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#proxy-send-timeout) | [_proxy-send-timeout_](https://docs.nginx.com/nginx-ingress-controller/configuration/global-configuration/configmap-resource/#general-customization) |
-| [_server-name-hash-bucket-size_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#server-name-hash-bucket-size) | [_server-names-hash-bucket-size_](https://docs.nginx.com/nginx-ingress-controller/configuration/global-configuration/configmap-resource/#general-customization) |
-| [_proxy-headers-hash-max-size_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#proxy-headers-hash-max-size) | [_server-names-hash-max-size_](https://docs.nginx.com/nginx-ingress-controller/configuration/global-configuration/configmap-resource/#general-customization) |
-| [_server-snippet_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#server-snippet) | [_server-snippets_](https://docs.nginx.com/nginx-ingress-controller/configuration/global-configuration/configmap-resource/#snippets-and-custom-templates) |
-| [_server-tokens _](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#server-tokens) | [_server-tokens_](https://docs.nginx.com/nginx-ingress-controller/configuration/global-configuration/configmap-resource/#general-customization) |
-| [_ssl-ciphers_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#ssl-ciphers) | [_ssl-ciphers_](https://docs.nginx.com/nginx-ingress-controller/configuration/global-configuration/configmap-resource/#auth-and-ssltls) |
-| [_ssl-dh-param_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#ssl-dh-param) | [_ssl-dhparam-file_](https://docs.nginx.com/nginx-ingress-controller/configuration/global-configuration/configmap-resource/#auth-and-ssltls) |
-| [_ssl-protocols_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#ssl-protocols) | [_ssl-protocols_](https://docs.nginx.com/nginx-ingress-controller/configuration/global-configuration/configmap-resource/#auth-and-ssltls) |
-| [_ssl-redirect_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#ssl-redirect) | [_ssl-redirect_](https://docs.nginx.com/nginx-ingress-controller/configuration/global-configuration/configmap-resource/#auth-and-ssltls) |
-| [_upstream-keepalive-connections_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#upstream-keepalive-connections) | [_keepalive_](https://docs.nginx.com/nginx-ingress-controller/configuration/global-configuration/configmap-resource/#backend-services-upstreams) |
-| [_use-http2_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#use-http2) | [_http2_](https://docs.nginx.com/nginx-ingress-controller/configuration/global-configuration/configmap-resource/#listeners) |
-| [_use-proxy-protocol_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#use-proxy-protocol) | [_proxy-protocol_](https://docs.nginx.com/nginx-ingress-controller/configuration/global-configuration/configmap-resource/#listeners) |
-| [_variables-hash-bucket-size_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#variables-hash-bucket-size)     | [_variables-hash-bucket-size_](https://docs.nginx.com/nginx-ingress-controller/configuration/global-configuration/configmap-resource/#general-customization) |
-| [_worker-cpu-affinity_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#worker-cpu-affinity) | [_worker-cpu-affinity_](https://docs.nginx.com/nginx-ingress-controller/configuration/global-configuration/configmap-resource/#general-customization) |
-| [_worker-processes_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#worker-processes) | [_worker-processes_](https://docs.nginx.com/nginx-ingress-controller/configuration/global-configuration/configmap-resource/#general-customization) |
-| [_worker-shutdown-timeout_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#worker-shutdown-timeout) | [_worker-shutdown-timeole_](https://docs.nginx.com/nginx-ingress-controller/configuration/global-configuration/configmap-resource/#general-customization) |
+| [_disable-access-log_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#disable-access-log) | [_access-log-off_]({{< ref "/nic/configuration/global-configuration/configmap-resource.md#logging" >}}) |
+| [_error-log-level_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#error-log-level) | [_error-log-level_]({{< ref "/nic/configuration/global-configuration/configmap-resource.md#logging" >}}) |
+| [_hsts_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#hsts) | [_hsts_]({{< ref "/nic/configuration/global-configuration/configmap-resource.md#auth-and-ssltls" >}}) |
+| [_hsts-include-subdomains_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#hsts-include-subdomains) | [_hsts-include-subdomains_]({{< ref "/nic/configuration/global-configuration/configmap-resource.md#auth-and-ssltls" >}})       |
+| [_hsts-max-age_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#hsts-max-age) | [_hsts-max-age_]({{< ref "/nic/configuration/global-configuration/configmap-resource.md#auth-and-ssltls" >}}) |
+| [_http-snippet_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#http-snippet) | [_http-snippets_]({{< ref "/nic/configuration/global-configuration/configmap-resource.md#snippets-and-custom-templates" >}}) |
+| [_keep-alive_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#keep-alive) | [_keepalive-timeout_]({{< ref "/nic/configuration/global-configuration/configmap-resource.md#general-customization" >}}) |
+| [_keep-alive-requests_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#keep-alive-requests) | [_keepalive-requests_]({{< ref "/nic/configuration/global-configuration/configmap-resource.md#general-customization" >}}) |
+| [_load-balance_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#load-balance) | [_lb-method_]({{< ref "/nic/configuration/global-configuration/configmap-resource.md#backend-services-upstreams" >}}) |
+| [_location-snippet_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#location-snippet) | [_location-snippets_]({{< ref "/nic/configuration/global-configuration/configmap-resource.md#snippets-and-custom-templates" >}}) |
+| [_log-format-escape-json_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#log-format-escape-json) | [_log-format-escaping: "json"_]({{< ref "/nic/configuration/global-configuration/configmap-resource.md#logging" >}}) |
+| [_log-format-stream_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#log-format-stream) | [_stream-log-format_]({{< ref "/nic/configuration/global-configuration/configmap-resource.md#logging" >}}) |
+| [_log-format-upstream_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#log-format-upstream) | [_log-format_]({{< ref "/nic/configuration/global-configuration/configmap-resource.md#logging" >}}) |
+| [_main-snippet_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#main-snippet) | [_main-snippets_]({{< ref "/nic/configuration/global-configuration/configmap-resource.md#snippets-and-custom-templates" >}}) |
+| [_max-worker-connections_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#max-worker-connections) | [_worker-connections_]({{< ref "/nic/configuration/global-configuration/configmap-resource.md#general-customization" >}}) |
+| [_max-worker-open-files_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#max-worker-open-files) | [_worker-rlimit-nofile_]({{< ref "/nic/configuration/global-configuration/configmap-resource.md#general-customization" >}}) |
+| [_proxy-body-size_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#proxy-body-size) | [_client-max-body-size_]({{< ref "/nic/configuration/global-configuration/configmap-resource.md#general-customization" >}}) |
+| [_proxy-buffering_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#proxy-buffering) | [_proxy-buffering_]({{< ref "/nic/configuration/global-configuration/configmap-resource.md#general-customization" >}}) |
+| [_proxy-buffers-number_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#proxy-buffers-number) | [_proxy-buffers: number size_]({{< ref "/nic/configuration/global-configuration/configmap-resource.md#general-customization" >}}) |
+| [_proxy-buffer-size_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#proxy-buffer-size) | [_proxy-buffers: number size_]({{< ref "/nic/configuration/global-configuration/configmap-resource.md#general-customization" >}}) |
+| [_proxy-connect-timeout_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#proxy-connect-timeout) | [_proxy-connect-timeout_]({{< ref "/nic/configuration/global-configuration/configmap-resource.md#general-customization" >}}) |
+| [_proxy-read-timeout_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#proxy-read-timeout) | [_proxy-read-timeout_]({{< ref "/nic/configuration/global-configuration/configmap-resource.md#general-customization" >}}) |
+| [_proxy-send-timeout_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#proxy-send-timeout) | [_proxy-send-timeout_]({{< ref "/nic/configuration/global-configuration/configmap-resource.md#general-customization" >}}) |
+| [_server-name-hash-bucket-size_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#server-name-hash-bucket-size) | [_server-names-hash-bucket-size_]({{< ref "/nic/configuration/global-configuration/configmap-resource.md#general-customization" >}}) |
+| [_proxy-headers-hash-max-size_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#proxy-headers-hash-max-size) | [_server-names-hash-max-size_]({{< ref "/nic/configuration/global-configuration/configmap-resource.md#general-customization" >}}) |
+| [_server-snippet_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#server-snippet) | [_server-snippets_]({{< ref "/nic/configuration/global-configuration/configmap-resource.md#snippets-and-custom-templates" >}}) |
+| [_server-tokens _](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#server-tokens) | [_server-tokens_]({{< ref "/nic/configuration/global-configuration/configmap-resource.md#general-customization" >}}) |
+| [_ssl-ciphers_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#ssl-ciphers) | [_ssl-ciphers_]({{< ref "/nic/configuration/global-configuration/configmap-resource.md#auth-and-ssltls" >}}) |
+| [_ssl-dh-param_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#ssl-dh-param) | [_ssl-dhparam-file_]({{< ref "/nic/configuration/global-configuration/configmap-resource.md#auth-and-ssltls" >}}) |
+| [_ssl-protocols_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#ssl-protocols) | [_ssl-protocols_]({{< ref "/nic/configuration/global-configuration/configmap-resource.md#auth-and-ssltls" >}}) |
+| [_ssl-redirect_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#ssl-redirect) | [_ssl-redirect_]({{< ref "/nic/configuration/global-configuration/configmap-resource.md#auth-and-ssltls" >}}) |
+| [_upstream-keepalive-connections_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#upstream-keepalive-connections) | [_keepalive_]({{< ref "/nic/configuration/global-configuration/configmap-resource.md#backend-services-upstreams" >}}) |
+| [_use-http2_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#use-http2) | [_http2_]({{< ref "/nic/configuration/global-configuration/configmap-resource.md#listeners" >}}) |
+| [_use-proxy-protocol_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#use-proxy-protocol) | [_proxy-protocol_]({{< ref "/nic/configuration/global-configuration/configmap-resource.md#listeners" >}}) |
+| [_variables-hash-bucket-size_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#variables-hash-bucket-size)     | [_variables-hash-bucket-size_]({{< ref "/nic/configuration/global-configuration/configmap-resource.md#general-customization" >}}) |
+| [_worker-cpu-affinity_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#worker-cpu-affinity) | [_worker-cpu-affinity_]({{< ref "/nic/configuration/global-configuration/configmap-resource.md#general-customization" >}}) |
+| [_worker-processes_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#worker-processes) | [_worker-processes_]({{< ref "/nic/configuration/global-configuration/configmap-resource.md#general-customization" >}}) |
+| [_worker-shutdown-timeout_](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#worker-shutdown-timeout) | [_worker-shutdown-timeole_]({{< ref "/nic/configuration/global-configuration/configmap-resource.md#general-customization" >}}) |
 {{% /bootstrap-table %}}
diff --git a/content/nic/installation/installing-nic/deploy-with-nap-using-helm.md b/content/nic/installation/installing-nic/deploy-with-nap-using-helm.md
index 93cf807fd..815ac0166 100644
--- a/content/nic/installation/installing-nic/deploy-with-nap-using-helm.md
+++ b/content/nic/installation/installing-nic/deploy-with-nap-using-helm.md
@@ -2,8 +2,8 @@
 title: Install NGINX Ingress Controller and NGINX App Protect WAF with Docker and Helm
 toc: true
 weight: 500
-type: how-to
-product: NIC
+nd-content-type: how-to
+nd-product: NIC
 ---
 
 This document describes how to build a local F5 NGINX App Protect WAF v5 Docker image with NGINX Plus Ingress 
@@ -340,4 +340,4 @@ deployment in a single file with the policy bundle already set.
 
 You now have a fully operational NGINX Ingress Controller instance with NGINX App Protect deployed in your Kubernetes environment. 
 
-For further details, troubleshooting, or support, refer to the [official NGINX documentation](https://docs.nginx.com) or reach out directly to your F5/NGINX account team.
+For further details, troubleshooting, or support, refer to the [official NGINX documentation]({{< ref "/" >}}) or reach out directly to your F5/NGINX account team.
diff --git a/content/nic/installation/installing-nic/installation-with-helm.md b/content/nic/installation/installing-nic/installation-with-helm.md
index 460b838ac..3580dce67 100644
--- a/content/nic/installation/installing-nic/installation-with-helm.md
+++ b/content/nic/installation/installing-nic/installation-with-helm.md
@@ -334,7 +334,7 @@ The following tables lists the configurable parameters of the NGINX Ingress Cont
 | **controller.customConfigMap** | The name of the custom ConfigMap used by the Ingress Controller. If set, then the default config is ignored. | "" |
 | **controller.config.name** | The name of the ConfigMap used by the Ingress Controller. | Autogenerated |
 | **controller.config.annotations** | The annotations of the Ingress Controller configmap. | {} |
-| **controller.config.entries** | The entries of the ConfigMap for customizing NGINX configuration. See [ConfigMap resource docs](https://docs.nginx.com/nginx-ingress-controller/configuration/global-configuration/configmap-resource/) for the list of supported ConfigMap keys. | {} |
+| **controller.config.entries** | The entries of the ConfigMap for customizing NGINX configuration. See [ConfigMap resource docs]({{< ref "/nic/configuration/global-configuration/configmap-resource.md" >}}) for the list of supported ConfigMap keys. | {} |
 | **controller.customPorts** | A list of custom ports to expose on the NGINX Ingress Controller pod. Follows the conventional Kubernetes yaml syntax for container ports. | [] |
 | **controller.defaultTLS.cert** | The base64-encoded TLS certificate for the default HTTPS server. **Note:** It is recommended that you specify your own certificate. Alternatively, omitting the default server secret completely will configure NGINX to reject TLS connections to the default server. |
 | **controller.defaultTLS.key** | The base64-encoded TLS key for the default HTTPS server. **Note:** It is recommended that you specify your own key. Alternatively, omitting the default server secret completely will configure NGINX to reject TLS connections to the default server. |
@@ -454,7 +454,7 @@ The following tables lists the configurable parameters of the NGINX Ingress Cont
 | **controller.readOnlyRootFilesystem** | Configure root filesystem as read-only and add volumes for temporary data. Three major releases after 3.5.x this argument will be moved permanently to the `controller.securityContext` section.  | false |
 | **controller.enableSSLDynamicReload** | Enable lazy loading for SSL Certificates. | true |
 | **controller.telemetryReporting.enable** | Enable telemetry reporting. | true |
-| **controller.enableWeightChangesDynamicReload** | Enable weight changes without reloading the NGINX configuration. May require increasing `map_hash_bucket_size`, `map_hash_max_size`, `variable_hash_bucket_size`, and `variable_hash_max_size` in the [ConfigMap](https://docs.nginx.com/nginx-ingress-controller/configuration/global-configuration/configmap-resource/) if there are many two-way splits. Requires `controller.nginxplus` | false |
+| **controller.enableWeightChangesDynamicReload** | Enable weight changes without reloading the NGINX configuration. May require increasing `map_hash_bucket_size`, `map_hash_max_size`, `variable_hash_bucket_size`, and `variable_hash_max_size` in the [ConfigMap]({{< ref "/nic/configuration/global-configuration/configmap-resource.md" >}}) if there are many two-way splits. Requires `controller.nginxplus` | false |
 | **rbac.create** | Configures RBAC. | true |
 | **rbac.clusterrole.create** | Configures creation of ClusterRole. Creation can be disabled when more fine-grained control over RBAC is required. For example when controller.watchNamespace is used. | true |
 | **prometheus.create** | Expose NGINX or NGINX Plus metrics in the Prometheus format. | true |
@@ -472,18 +472,18 @@ The following tables lists the configurable parameters of the NGINX Ingress Cont
 | **serviceInsight.scheme** | Configures the HTTP scheme to use for connections to the Service Insight endpoint. | http |
 | **serviceInsight.secret** | The namespace / name of a Kubernetes TLS Secret. If specified, this secret is used to secure the Service Insight endpoint with TLS connections. | "" |
 | **serviceNameOverride** | Used to prevent cloud load balancers from being replaced due to service name change during helm upgrades. | "" |
-| **nginxServiceMesh.enable** | Enable integration with NGINX Service Mesh. See the NGINX Service Mesh [docs](https://docs.nginx.com/nginx-service-mesh/tutorials/kic/deploy-with-kic/) for more details. Requires `controller.nginxplus`. | false |
-| **nginxServiceMesh.enableEgress** | Enable NGINX Service Mesh workloads to route egress traffic through the Ingress Controller. See the NGINX Service Mesh [docs](https://docs.nginx.com/nginx-service-mesh/tutorials/kic/deploy-with-kic/#enabling-egress) for more details. Requires `nginxServiceMesh.enable`. | false |
+| **nginxServiceMesh.enable** | Enable integration with NGINX Service Mesh. See the NGINX Service Mesh docs for more details. Requires `controller.nginxplus`. | false |
+| **nginxServiceMesh.enableEgress** | Enable NGINX Service Mesh workloads to route egress traffic through the Ingress Controller. See the NGINX Service Mesh docs for more details. Requires `nginxServiceMesh.enable`. | false |
 |**nginxAgent.enable** | Enable NGINX Agent to integrate the Security Monitoring and App Protect WAF modules. Requires `controller.appprotect.enable`. | false |
 |**nginxAgent.instanceGroup** | Set a custom Instance Group name for the deployment, shown when connected to NGINX Instance Manager. `nginx-ingress.controller.fullname` will be used if not set. | "" |
 |**nginxAgent.logLevel** | Log level for NGINX Agent. | "error |
 |**nginxAgent.instanceManager.host** | FQDN or IP for connecting to NGINX Ingress Controller. Required when `nginxAgent.enable` is set to `true` | "" |
 |**nginxAgent.instanceManager.grpcPort** | Port for connecting to NGINX Ingress Controller. | 443 |
-|**nginxAgent.instanceManager.sni** | Server Name Indication for Instance Manager. See the NGINX Agent [docs](https://docs.nginx.com/nginx-agent/configuration/encrypt-communication/) for more details. | "" |
+|**nginxAgent.instanceManager.sni** | Server Name Indication for Instance Manager. See the NGINX Agent [docs]({{< ref "/agent/configuration/encrypt-communication.md" >}}) for more details. | "" |
 |**nginxAgent.instanceManager.tls.enable** | Enable TLS for Instance Manager connection. | true |
 |**nginxAgent.instanceManager.tls.skipVerify** | Skip certification verification for Instance Manager connection. | false |
 |**nginxAgent.instanceManager.tls.caSecret** | Name of `nginx.org/ca` secret used for verification of Instance Manager TLS. | "" |
-|**nginxAgent.instanceManager.tls.secret** | Name of `kubernetes.io/tls` secret with a TLS certificate and key for using mTLS between NGINX Agent and Instance Manager. See the NGINX Instance Manager [docs](https://docs.nginx.com/nginx-instance-manager/system-configuration/secure-traffic/#mutual-client-certificate-authentication-setup-mtls) and the NGINX Agent [docs](https://docs.nginx.com/nginx-agent/configuration/encrypt-communication/) for more details. | "" |
+|**nginxAgent.instanceManager.tls.secret** | Name of `kubernetes.io/tls` secret with a TLS certificate and key for using mTLS between NGINX Agent and Instance Manager. See the NGINX Instance Manager [docs]({{< ref "/nim/system-configuration/secure-traffic.md#mutual-client-certificate-authentication-setup-mtls" >}}) and the NGINX Agent [docs]({{< ref "/agent/configuration/encrypt-communication.md" >}}) for more details. | "" |
 |**nginxAgent.syslog.host** | Address for NGINX Agent to run syslog listener. | 127.0.0.1 |
 |**nginxAgent.syslog.port** | Port for NGINX Agent to run syslog listener. | 1514 |
 |**nginxAgent.napMonitoring.collectorBufferSize** | Buffer size for collector. Will contain log lines and parsed log lines. | 50000 |
diff --git a/content/nic/installation/integrations/app-protect-dos/troubleshoot-app-protect-dos.md b/content/nic/installation/integrations/app-protect-dos/troubleshoot-app-protect-dos.md
index 3b3fd61c5..323c2d53e 100644
--- a/content/nic/installation/integrations/app-protect-dos/troubleshoot-app-protect-dos.md
+++ b/content/nic/installation/integrations/app-protect-dos/troubleshoot-app-protect-dos.md
@@ -1,10 +1,10 @@
 ---
-docs: DOCS-1456
-doctypes:
-- ''
 title: Troubleshoot NGINX App Protect DoS
 toc: true
 weight: 400
+nd-content-type: how-to
+nd-product: NIC
+nd-docs: DOCS-1456
 ---
 
 This document describes how to troubleshoot problems when using NGINX Ingress Controller and the App Protect DoS module.
@@ -106,6 +106,7 @@ The events section has a *Normal* event with the *AddedOrUpdated reason*, indica
 
 ## Run App Protect DoS in Debug log Mode
 
-When you set the Ingress Controller to use debug log mode, the setting also applies to the App Protect DoS module.  See  [Running NGINX in the Debug Mode](/nginx-ingress-controller/troubleshooting/#running-nginx-in-the-debug-mode) for instructions.
+When you configure NGINX Ingress Controller to use debug log mode, the setting also applies to the App Protect DoS module. See [Enable debugging for NGINX Ingress Controller
+]({{< ref "/nic/troubleshooting/troubleshoot-common.md#enable-debugging-for-nginx-ingress-controller" >}}) for instructions.
 
-You can enable debug log mode to App Protect DoS module only by setting the `app-protect-dos-debug` [configmap](/nginx-ingress-controller/configuration/global-configuration/configmap-resource#modules).
+You can enable debug log mode to App Protect DoS module only by setting the `app-protect-dos-debug` [configmap]({{< ref "/nic/configuration/global-configuration/configmap-resource.md#modules" >}}).
diff --git a/content/nic/installation/integrations/app-protect-waf-v5/compile-waf-policies.md b/content/nic/installation/integrations/app-protect-waf-v5/compile-waf-policies.md
index d6abcb83c..c34785d49 100644
--- a/content/nic/installation/integrations/app-protect-waf-v5/compile-waf-policies.md
+++ b/content/nic/installation/integrations/app-protect-waf-v5/compile-waf-policies.md
@@ -2,9 +2,9 @@
 title: Compile NGINX App Protect WAF policies using NGINX Instance Manager
 weight: 300
 toc: true
-type: how-to
-product: NIC
-docs: DOCS-000
+nd-content-type: how-to
+nd-product: NIC
+nd-docs: DOCS-000
 ---
 
 ## Overview
@@ -22,8 +22,8 @@ The following steps describe how to use the NGINX Instance Manager API to create
 ## Before you start
 
 ### Requirements
-- A working [NGINX Instance Manager](https://docs.nginx.com/nginx-instance-manager/deploy/) instance.
-- An [NGINX Instance Manager user](https://docs.nginx.com/nginx-instance-manager/admin-guide/rbac/overview-rbac/) for API requests.
+- A working [NGINX Instance Manager]({{< ref "/nim/deploy/" >}}) instance.
+- An [NGINX Instance Manager user]({{< ref "/nim/admin-guide/rbac/overview-rbac.md" >}}) for API requests.
 - A NGINX Ingress Controller [deployment with NGINX App Protect WAF]({{< ref "/nic/installation/integrations/app-protect-waf/installation.md" >}}).
 
 ---
@@ -32,7 +32,7 @@ The following steps describe how to use the NGINX Instance Manager API to create
 
 {{< tip >}} You can skip this step if you intend to use an existing security policy. {{< /tip >}}
 
-Create a [new security policy](https://docs.nginx.com/nginx-instance-manager/nginx-app-protect/manage-waf-security-policies/#create-security-policy) using the API: this will require the use of a tool such as [`curl`](https://curl.se/) or [Postman](https://www.postman.com/)
+Create a [new security policy]({{< ref "/nim/nginx-app-protect/manage-waf-security-policies.md#create-security-policy" >}}) using the API: this will require the use of a tool such as [`curl`](https://curl.se/) or [Postman](https://www.postman.com/)
 
 Create the file `simple-policy.json` with the contents below:
 
@@ -91,7 +91,7 @@ It is one of two unique IDs we will use to download the bundle: it will be refer
 
 ## Create a new security bundle
 
-Once you have created (Or selected) a security policy, [create a security bundle](https://docs.nginx.com/nginx-instance-manager/nginx-app-protect/manage-waf-security-policies/#create-security-policy-bundles) using the API. The version in the bundle you create **must** match the WAF compiler version you intend to use.
+Once you have created (Or selected) a security policy, [create a security bundle]({{< ref "/nim/nginx-app-protect/manage-waf-security-policies.md#create-security-policy-bundles" >}}) using the API. The version in the bundle you create **must** match the WAF compiler version you intend to use.
 
 You can check which version is installed in NGINX Instance Manager by checking the operating system packages. If the wrong version is noted in the JSON payload, you will receive an error similar to below:
 
diff --git a/content/nic/installation/integrations/app-protect-waf-v5/configuration.md b/content/nic/installation/integrations/app-protect-waf-v5/configuration.md
index b1c0c805e..748e56d79 100644
--- a/content/nic/installation/integrations/app-protect-waf-v5/configuration.md
+++ b/content/nic/installation/integrations/app-protect-waf-v5/configuration.md
@@ -2,14 +2,14 @@
 title: Configure NGINX App Protect with NGINX Ingress Controller
 weight: 200
 toc: true
-type: how-to
-product: NIC
-docs: DOCS-000
+nd-content-type: how-to
+nd-product: NIC
+nd-docs: DOCS-000
 ---
 
 ## Overview
 
-This document explains how to use F5 NGINX Ingress Controller to configure [NGINX App Protect WAF v5](https://docs.nginx.com/nginx-app-protect-waf/v5/).
+This document explains how to use F5 NGINX Ingress Controller to configure [NGINX App Protect WAF v5]({{< ref "/nap-waf/v5/" >}}).
 
 {{< note >}} There are complete NGINX Ingress Controller with NGINX App Protect WAF [example resources on GitHub](https://github.com/nginx/kubernetes-ingress/tree/v{{< nic-version >}}/examples/custom-resources/app-protect-waf-v5). {{< /note >}}
 
diff --git a/content/nic/installation/integrations/app-protect-waf-v5/troubleshoot-app-protect-waf.md b/content/nic/installation/integrations/app-protect-waf-v5/troubleshoot-app-protect-waf.md
index 65a76a872..65594dcf6 100644
--- a/content/nic/installation/integrations/app-protect-waf-v5/troubleshoot-app-protect-waf.md
+++ b/content/nic/installation/integrations/app-protect-waf-v5/troubleshoot-app-protect-waf.md
@@ -2,16 +2,16 @@
 title: Troubleshoot NGINX App Protect WAF
 weight: 400
 toc: true
-type: how-to
-product: NIC
-docs: DOCS-000
+nd-content-type: how-to
+nd-product: NIC
+nd-docs: DOCS-000
 ---
 
 This document describes how to troubleshoot problems when using NGINX Ingress Controller and the NGINX App Protect WAF module version 5.
 
 For general troubleshooting of NGINX Ingress Controller, check the general [troubleshooting]({{< ref "/nic/troubleshooting/troubleshoot-common" >}}) documentation.
 
-{{< see-also >}} You can find more troubleshooting tips in the NGINX App Protect WAF [troubleshooting guide](https://docs.nginx.com/nginx-app-protect-waf/v5/troubleshooting-guide/troubleshooting/) {{< /see-also >}}.
+{{< see-also >}} You can find more troubleshooting tips in the NGINX App Protect WAF [troubleshooting guide]({{< ref "/nap-waf/v5/troubleshooting-guide/troubleshooting.md" >}}) {{< /see-also >}}.
 
 ## Potential problems
 
diff --git a/content/nic/installation/integrations/nic-n1-console.md b/content/nic/installation/integrations/nic-n1-console.md
index 231c9c329..8602062a0 100644
--- a/content/nic/installation/integrations/nic-n1-console.md
+++ b/content/nic/installation/integrations/nic-n1-console.md
@@ -24,7 +24,7 @@ nginxAgent:
   dataplaneKey: "<Your Dataplane Key>"
 ```
 
- The `dataplaneKey` is used to authenticate the agent with NGINX One Console. See the NGINX One Console Docs [here](https://docs.nginx.com/nginx-one/getting-started/#generate-data-plane-key) to generate your dataplane key from the NGINX One Console.
+ The `dataplaneKey` is used to authenticate the agent with NGINX One Console. See the NGINX One Console Docs [here]({{< ref "/nginx-one/getting-started.md#generate-data-plane-key" >}}) to generate your dataplane key from the NGINX One Console.
 
 
 Follow the [Installation with Helm]({{< ref "/nic/installation/installing-nic/installation-with-helm.md" >}}) instructions to deploy NGINX Ingress Controller.
diff --git a/content/nic/installation/nic-images/get-image-using-jwt.md b/content/nic/installation/nic-images/get-image-using-jwt.md
index 7e1a52f61..1dff0c74b 100644
--- a/content/nic/installation/nic-images/get-image-using-jwt.md
+++ b/content/nic/installation/nic-images/get-image-using-jwt.md
@@ -1,10 +1,10 @@
 ---
-docs: DOCS-1454
-doctypes:
-- ''
 title: Get the NGINX Ingress Controller image with JWT
 toc: true
 weight: 150
+nd-content-type: how-to
+nd-product: NIC
+nd-docs: DOCS-1454
 ---
 
 This document describes how to pull the F5 NGINX Plus Ingress Controller image from the F5 Docker registry into your Kubernetes cluster using your JWT token.
@@ -41,7 +41,7 @@ You will need the following information from [MyF5](https://my.f5.com) for these
 
 ## Prepare NGINX Ingress Controller
 
-1. Choose your desired [NGINX Ingress Controller Image](https://docs.nginx.com/nginx-ingress-controller/technical-specifications/#images-with-nginx-plus).
+1. Choose your desired [NGINX Ingress Controller Image]({{< ref "/nic/technical-specifications.md#images-with-nginx-plus" >}}).
 1. Log into the [MyF5 Portal](https://my.f5.com/), navigate to your subscription details, and download the relevant .cert, .key and .JWT files.
 1. Create a Kubernetes secret using the JWT token. You should use `cat` to view the contents of the JWT token and store the output for use in later steps.
 1. Ensure there are no additional characters or extra whitespace that might have been accidentally added. This will break authorization and prevent the NGINX Ingress Controller image from being downloaded.
@@ -72,7 +72,7 @@ You will need the following information from [MyF5](https://my.f5.com) for these
 
 ## Manifest Deployment
 
-The page ["Installation with Manifests"](https://docs.nginx.com/nginx-ingress-controller/installation/installation-with-manifests/) explains how to install NGINX Ingress Controller using manifests. The following snippet is an example of a deployment:
+The page ["Installation with Manifests"]({{< ref "/nic/installation/installing-nic/installation-with-manifests.md" >}}) explains how to install NGINX Ingress Controller using manifests. The following snippet is an example of a deployment:
 
 ```yaml
 spec:
diff --git a/content/nic/logging-and-monitoring/logging.md b/content/nic/logging-and-monitoring/logging.md
index 44e7a8fb2..2407b99a8 100644
--- a/content/nic/logging-and-monitoring/logging.md
+++ b/content/nic/logging-and-monitoring/logging.md
@@ -1,10 +1,10 @@
 ---
-docs: DOCS-613
-doctypes:
-- ''
 title: Logging
 toc: true
 weight: 1800
+nd-content-type: reference
+nd-product: NIC
+nd-docs: DOCS-613
 ---
 
 This document gives an overview of logging provided by NGINX Ingress Controller.
@@ -19,17 +19,17 @@ kubectl logs <nginx-ingress-pod> -n nginx-ingress
 
 The NGINX Ingress Controller process logs are configured through the `-log-level` command-line argument of the NGINX Ingress Controller, which sets the log level. The default value is `info`. Other options include: `trace`, `debug`, `info`, `warning`, `error` and `fatal`. The value `debug` is useful for troubleshooting: you will be able to see how NGINX Ingress Controller gets updates from the Kubernetes API, generates NGINX configuration and reloads NGINX.
 
-See also the doc about NGINX Ingress Controller [command-line arguments](/nginx-ingress-controller/configuration/global-configuration/command-line-arguments).
+See also the doc about NGINX Ingress Controller [command-line arguments]({{< ref "/nic/configuration/global-configuration/command-line-arguments.md" >}}).
 
 ## NGINX Logs
 
 The NGINX includes two logs:
 
-- *Access log*, where NGINX writes information about client requests in the access log right after the request is processed. The access log is configured via the [logging-related](/nginx-ingress-controller/configuration/global-configuration/configmap-resource#logging) ConfigMap keys:
+- *Access log*, where NGINX writes information about client requests in the access log right after the request is processed. The access log is configured via the [logging-related]({{< ref "/nic/configuration/global-configuration/configmap-resource.md#logging" >}}) ConfigMap keys:
   - `log-format` for HTTP and HTTPS traffic.
   - `stream-log-format` for TCP, UDP, and TLS Passthrough traffic.
 
     Additionally, you can disable access logging with the `access-log-off` ConfigMap key.
-- *Error log*, where NGINX writes information about encountered issues of different severity levels. It is configured via the `error-log-level` [ConfigMap key](/nginx-ingress-controller/configuration/global-configuration/configmap-resource#logging). To enable debug logging, set the level to `debug` and also set the `-nginx-debug` [command-line argument](/nginx-ingress-controller/configuration/global-configuration/command-line-arguments), so that NGINX is started with the debug binary `nginx-debug`.
+- *Error log*, where NGINX writes information about encountered issues of different severity levels. It is configured via the `error-log-level` [ConfigMap key]({{< ref "/nic/configuration/global-configuration.md#configmap-resource#logging" >}}). To enable debug logging, set the level to `debug` and also set the `-nginx-debug` [command-line argument]({{< ref "/nic/configuration/global-configuration.md#command-line-arguments" >}}), so that NGINX is started with the debug binary `nginx-debug`.
 
-See also the doc about [NGINX logs](https://docs.nginx.com/nginx/admin-guide/monitoring/logging/) from NGINX Admin guide.
+See also the doc about [NGINX logs]({{< ref "/nginx/admin-guide/monitoring/logging.md" >}}) from NGINX Admin guide.
diff --git a/content/nic/logging-and-monitoring/prometheus.md b/content/nic/logging-and-monitoring/prometheus.md
index b8f3d6532..3d56d486f 100644
--- a/content/nic/logging-and-monitoring/prometheus.md
+++ b/content/nic/logging-and-monitoring/prometheus.md
@@ -14,7 +14,7 @@ NGINX Ingress Controller exposes metrics in the [Prometheus](https://prometheus.
 ### Using Manifests
 If you're using *Kubernetes manifests* (Deployment or DaemonSet) to install the Ingress Controller, to enable Prometheus metrics:
 
-1. Run the Ingress Controller with the `-enable-prometheus-metrics` [command-line argument](/nginx-ingress-controller/configuration/global-configuration/command-line-arguments). As a result, the Ingress Controller will expose NGINX or NGINX Plus metrics in the Prometheus format via the path `/metrics` on port `9113` (customizable via the `-prometheus-metrics-listen-port` command-line argument).
+1. Run the Ingress Controller with the `-enable-prometheus-metrics` [command-line argument]({{< ref "/nic/configuration/global-configuration/command-line-arguments.md" >}}). As a result, the Ingress Controller will expose NGINX or NGINX Plus metrics in the Prometheus format via the path `/metrics` on port `9113` (customizable via the `-prometheus-metrics-listen-port` command-line argument).
 1. To enable TLS for the Prometheus endpoint, configure the `-prometheus-tls-secret` cli argument with the namespace and name of a TLS Secret.
 1. Add the Prometheus port to the list of the ports of the Ingress Controller container in the template of the Ingress Controller pod:
 
@@ -64,7 +64,7 @@ The Ingress Controller exports the following metrics:
   - `controller_nginx_last_reload_status`. Status of the last NGINX reload, 0 meaning down and 1 up.
   - `controller_nginx_last_reload_milliseconds`. Duration in milliseconds of the last NGINX reload.
   - `controller_nginx_worker_processes_total`. Number of NGINX worker processes. This metric includes the constant label `generation` with two possible values `old` (the shutting down processes of the old generations) or `current` (the processes of the current generation).
-  - `controller_ingress_resources_total`. Number of handled Ingress resources. This metric includes the label type, that groups the Ingress resources by their type (regular, [minion or master](/nginx-ingress-controller/configuration/ingress-resources/cross-namespace-configuration)). **Note**: The metric doesn't count minions without a master.
+  - `controller_ingress_resources_total`. Number of handled Ingress resources. This metric includes the label type, that groups the Ingress resources by their type (regular, [minion or master]({{< ref "/nic/configuration/ingress-resources/cross-namespace-configuration.md" >}}). **Note**: The metric doesn't count minions without a master.
   - `controller_virtualserver_resources_total`. Number of handled VirtualServer resources.
   - `controller_virtualserverroute_resources_total`. Number of handled VirtualServerRoute resources. **Note**: The metric counts only VirtualServerRoutes that have a reference from a VirtualServer.
   - `location_zone` (upstream services) metrics:
diff --git a/content/nic/logging-and-monitoring/service-insight.md b/content/nic/logging-and-monitoring/service-insight.md
index aefeb4d98..b2908d27c 100644
--- a/content/nic/logging-and-monitoring/service-insight.md
+++ b/content/nic/logging-and-monitoring/service-insight.md
@@ -1,10 +1,10 @@
 ---
-docs: DOCS-1180
-doctypes:
-- ''
 title: Service Insight
 toc: true
 weight: 2100
+nd-content-type: how-to
+nd-product: NIC
+nd-docs: DOCS-1180
 ---
 
 The Service Insight feature is available only for F5 NGINX Plus. The F5 NGINX Ingress Controller exposes an endpoint which provides host statistics for services exposed using the VirtualServer (VS) and TransportServer (TS) resources.
@@ -16,13 +16,13 @@ The response body holds information about the total, down and the unhealthy numb
 The service is indicated as not healthy (HTTP response code different than 200 OK) if all upstreams (pods) are determined unhealthy by NGINX Plus.
 The service is healthy if at least one upstream pod is healthy as determined by NGINX Plus. In this case, the endpoint returns HTTP code 200 OK.
 
-NGINX Plus determination of healthy can be tuned using advanced health checks, and also dynamically relate to pods responses and responsiveness.  See Upstream Healthcheck <https://docs.nginx.com/nginx-ingress-controller/configuration/virtualserver-and-virtualserverroute-resources/#upstream>
+NGINX Plus determination of healthy can be tuned using advanced health checks, and also dynamically relate to pods responses and responsiveness.  See [Upstream Healthcheck]({{< ref "/nic/configuration/virtualserver-and-virtualserverroute-resources.md#upstream" >}})
 
 ## Enabling Service Insight Endpoint
 
 If you're using *Kubernetes manifests* (Deployment or DaemonSet) to install the Ingress Controller, to enable the Service Insight endpoint:
 
-1. Run the Ingress Controller with the `-enable-service-insight` [command-line argument](/nginx-ingress-controller/configuration/global-configuration/command-line-arguments). This will expose the Ingress Controller endpoint via paths `/probe/{hostname}` for Virtual Servers, and `/probe/ts/{service_name}` for Transport Servers on port `9114` (customizable with the `-service-insight-listen-port` command-line argument). The `service_name` parameter refers to the name of the deployed service (the service specified under `upstreams` in the transport server).
+1. Run the Ingress Controller with the `-enable-service-insight` [command-line argument]({{< ref "/nic/configuration/global-configuration/command-line-arguments.md" >}}). This will expose the Ingress Controller endpoint via paths `/probe/{hostname}` for Virtual Servers, and `/probe/ts/{service_name}` for Transport Servers on port `9114` (customizable with the `-service-insight-listen-port` command-line argument). The `service_name` parameter refers to the name of the deployed service (the service specified under `upstreams` in the transport server).
 1. To enable TLS for the Service Insight endpoint, configure the `-service-insight-tls-secret` cli argument with the namespace and name of a TLS Secret.
 1. Add the Service Insight port to the list of the ports of the Ingress Controller container in the template of the Ingress Controller pod:
 
@@ -31,7 +31,7 @@ If you're using *Kubernetes manifests* (Deployment or DaemonSet) to install the
       containerPort: 9114
     ```
 
-If you're using *Helm* to install the Ingress Controller, to enable Service Insight endpoint, configure the `serviceInsight.*` parameters of the Helm chart. See the [Installation with Helm](/nginx-ingress-controller/installation/installing-nic/installation-with-helm) doc.
+If you're using *Helm* to install the Ingress Controller, to enable Service Insight endpoint, configure the `serviceInsight.*` parameters of the Helm chart. See the [Installation with Helm]({{< ref "/nic/installation/installing-nic/installation-with-helm.md" >}}) doc.
 
 ## Available Statistics and HTTP Response Codes
 
diff --git a/content/nic/logging-and-monitoring/status-page.md b/content/nic/logging-and-monitoring/status-page.md
index 246c3a475..0357f0fb1 100644
--- a/content/nic/logging-and-monitoring/status-page.md
+++ b/content/nic/logging-and-monitoring/status-page.md
@@ -1,26 +1,26 @@
 ---
-docs: DOCS-615
-doctypes:
-- ''
 title: Status Page
 toc: true
 weight: 1900
+nd-content-type: how-to
+nd-product: NIC
+nd-docs: DOCS-615
 ---
 
 This document explains how to get access to the stub status in NGINX and the dashboard in NGINX Plus.
 
 NGINX comes with a status page that reports basic metrics about NGINX called the [stub status](https://nginx.org/en/docs/http/ngx_http_stub_status_module.html).
 
-NGINX Plus comes with a [dashboard](https://docs.nginx.com/nginx/admin-guide/monitoring/live-activity-monitoring/) that reports key load-balancing and performance metrics.
+NGINX Plus comes with a [dashboard]({{< ref "/nginx/admin-guide/monitoring/live-activity-monitoring.md" >}}) that reports key load-balancing and performance metrics.
 
-NGINX App Protect DoS comes with a [dashboard](https://docs.nginx.com/nginx-app-protect-dos/monitoring/live-activity-monitoring/) that shows the status and information of the protected objects.
+NGINX App Protect DoS comes with a [dashboard]({{< ref "/nap-dos/monitoring/live-activity-monitoring.md" >}}) that shows the status and information of the protected objects.
 This doc shows how to get access to the stub status/dashboard.
 
 ## Accessing Stub Status
 
 Prerequisites:
 
-1. The stub status is enabled by default. Ensure that the `nginx-status` [command-line argument](/nginx-ingress-controller/configuration/global-configuration/command-line-arguments) is not set to false.
+1. The stub status is enabled by default. Ensure that the `nginx-status` [command-line argument]({{< ref "/nic/configuration/global-configuration/command-line-arguments.md" >}}) is not set to false.
 1. The stub status is available on port 8080 by default. It is customizable by the `nginx-status-port` command-line argument. If yours is not on 8080, modify the kubectl proxy command below.
 
 To access the status:
@@ -42,7 +42,7 @@ If you want to access the stub status externally (without `kubectl port-forward`
 
 Prerequisites:
 
-1. The dashboard is enabled by default. Ensure that the `nginx-status` [command-line argument](/nginx-ingress-controller/configuration/global-configuration/command-line-arguments)is not set to false.
+1. The dashboard is enabled by default. Ensure that the `nginx-status` [command-line argument]({{< ref "/nic/configuration/global-configuration/command-line-arguments.md" >}}) is not set to false.
 1. The dashboard is available on port 8080 by default. It is customizable by the `nginx-status-port` command-line argument. If yours is not on 8080, modify the kubectl proxy command below.
 
 To access the dashboard:
diff --git a/content/nic/overview/controller-comparison.md b/content/nic/overview/controller-comparison.md
index 437e508c4..f4770395c 100644
--- a/content/nic/overview/controller-comparison.md
+++ b/content/nic/overview/controller-comparison.md
@@ -1,11 +1,11 @@
 ---
-docs: DOCS-610
-doctypes:
-- concept
-draft: true
 title: Which Ingress Controller Do I Need?
 toc: true
+draft: true
 weight: 400
+nd-content-type: reference
+nd-product: NIC
+nd-docs: DOCS-610
 ---
 
 This document describes the key differences between the community Ingress-NGINX Controller and F5 NGINX Ingress Controller.
@@ -18,7 +18,7 @@ If you are unsure about which implementation you are using, check the container
 
 ## The Key Differences
 
-The table below summarizes the key difference between nginx/kubernetes-ingress and kubernetes/ingress-nginx Ingress Controllers. Note that the table has two columns for the nginx/kubernetes-ingress Ingress Controller, as it can be used both with NGINX and NGINX Plus. For more information about nginx/kubernetes-ingress with NGINX Plus, read the [NGINX Ingress Controller with NGINX Plus](/nginx-ingress-controller/intro/nginx-plus) documentation.
+The table below summarizes the key difference between nginx/kubernetes-ingress and kubernetes/ingress-nginx Ingress Controllers. Note that the table has two columns for the nginx/kubernetes-ingress Ingress Controller, as it can be used both with NGINX and NGINX Plus. For more information about nginx/kubernetes-ingress with NGINX Plus, read the [Extensibility with NGINX Plus]({{< ref "/nic/overview/nginx-plus.md" >}}) documentation.
 
 {{% table %}}
 | Aspect or Feature | kubernetes/ingress-nginx | nginx/kubernetes-ingress with NGINX | nginx/kubernetes-ingress with NGINX Plus |
@@ -29,8 +29,8 @@ The table below summarizes the key difference between nginx/kubernetes-ingress a
 | Commercial support | N/A | N/A | Included |
 | **Load balancing configuration via the Ingress resource** |
 | Merging Ingress rules with the same host | Supported | Supported via [Mergeable Ingresses](https://github.com/nginx/kubernetes-ingress/tree/v{{< nic-version >}}/examples/ingress-resources/mergeable-ingress-types) | Supported via [Mergeable Ingresses](https://github.com/nginx/kubernetes-ingress/tree/v{{< nic-version >}}/examples/ingress-resources/mergeable-ingress-types) |
-| HTTP load balancing extensions - Annotations | See the [supported annotations](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/annotations/) | See the [supported annotations](https://docs.nginx.com/nginx-ingress-controller/configuration/ingress-resources/advanced-configuration-with-annotations/) | See the [supported annotations](https://docs.nginx.com/nginx-ingress-controller/configuration/ingress-resources/advanced-configuration-with-annotations/)|
-| HTTP load balancing extensions -- ConfigMap | See the [supported ConfigMap keys](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/) | See the [supported ConfigMap keys](https://docs.nginx.com/nginx-ingress-controller/configuration/global-configuration/configmap-resource/) | See the [supported ConfigMap keys](https://docs.nginx.com/nginx-ingress-controller/configuration/global-configuration/configmap-resource/) |
+| HTTP load balancing extensions - Annotations | See the [supported annotations](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/annotations/) | See the [supported annotations]({{< ref "/nic/configuration/ingress-resources/advanced-configuration-with-annotations.md" >}}) | See the [supported annotations]({{< ref "/nic/configuration/ingress-resources/advanced-configuration-with-annotations.md#summary-of-annotations" >}})|
+| HTTP load balancing extensions -- ConfigMap | See the [supported ConfigMap keys](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/) | See the [supported ConfigMap keys]({{< ref "/nic/configuration/global-configuration/configmap-resource.md" >}}) | See the [supported ConfigMap keys]({{< ref "/nic/configuration/global-configuration/configmap-resource.md" >}}) |
 | TCP/UDP | Supported via a ConfigMap | Supported via custom resources | Supported via custom resources |
 | Websocket  | Supported | Supported via an [annotation](https://github.com/nginx/kubernetes-ingress/tree/v{{< nic-version >}}/examples/ingress-resources/websocket) | Supported via an [annotation](https://github.com/nginx/kubernetes-ingress/tree/v{{< nic-version >}}/examples/ingress-resources/websocket) |
 | TCP SSL Passthrough | Supported via a ConfigMap | Supported via custom resources | Supported via custom resources |
@@ -39,11 +39,11 @@ The table below summarizes the key difference between nginx/kubernetes-ingress a
 | Canary testing (by header, cookie, weight) | Supported via annotations | Supported via custom resources | Supported via custom resources |
 | Configuration templates *1 | See the [template](https://github.com/kubernetes/ingress-nginx/blob/main/rootfs/etc/nginx/template/nginx.tmpl) | See the [templates](../internal/configs/version1) | See the [templates](../internal/configs/version1) |
 | **Load balancing configuration via Custom Resources** |
-| HTTP load balancing | Not supported | See [VirtualServer and VirtualServerRoute](https://docs.nginx.com/nginx-ingress-controller/configuration/virtualserver-and-virtualserverroute-resources/) resources | See [VirtualServer and VirtualServerRoute](https://docs.nginx.com/nginx-ingress-controller/configuration/virtualserver-and-virtualserverroute-resources/) resources |
-| TCP/UDP load balancing | Not supported | See [TransportServer](https://docs.nginx.com/nginx-ingress-controller/configuration/transportserver-resource/) resource | See [TransportServer](https://docs.nginx.com/nginx-ingress-controller/configuration/transportserver-resource/) resource |
-| TCP SSL Passthrough load balancing | Not supported | See [TransportServer](https://docs.nginx.com/nginx-ingress-controller/configuration/transportserver-resource/) resource | See [TransportServer](https://docs.nginx.com/nginx-ingress-controller/configuration/transportserver-resource/) resource |
+| HTTP load balancing | Not supported | See [VirtualServer and VirtualServerRoute]({{< ref "/nic/configuration/virtualserver-and-virtualserverroute-resources.md" >}}) resources | See [VirtualServer and VirtualServerRoute]({{< ref "/nic/configuration/virtualserver-and-virtualserverroute-resources.md" >}}) resources |
+| TCP/UDP load balancing | Not supported | See [TransportServer]({{< ref "/nic/configuration/transportserver-resource.md" >}}) resource | See [TransportServer](({{< ref "/nic/configuration/transportserver-resource.md" >}}) resource |
+| TCP SSL Passthrough load balancing | Not supported | See [TransportServer]({{< ref "/nic/configuration/transportserver-resource.md" >}}) resource | See [TransportServer]({{< ref "/nic/configuration/transportserver-resource.md" >}}) resource |
 | **Deployment** |
-| Command-line arguments *2 | See the [arguments](https://kubernetes.github.io/ingress-nginx/user-guide/cli-arguments/) | See the [arguments](https://docs.nginx.com/nginx-ingress-controller/configuration/global-configuration/command-line-arguments/) | See the [arguments](https://docs.nginx.com/nginx-ingress-controller/configuration/global-configuration/command-line-arguments/) |
+| Command-line arguments *2 | See the [arguments](https://kubernetes.github.io/ingress-nginx/user-guide/cli-arguments/) | See the [arguments]({{< ref "/nic/configuration/global-configuration/command-line-arguments.md" >}}) | See the [arguments]({{< ref "/nic/configuration/global-configuration/command-line-arguments.md" >}}) |
 | TLS certificate and key for the default server | Required as a command-line argument/ auto-generated | Required as a command-line argument | Required as a command-line argument |
 | Helm chart | Supported | Supported | Supported |
 | Operator | Not supported | Supported | Supported |
diff --git a/content/nic/overview/design.md b/content/nic/overview/design.md
index 16dcbd967..14e99a5d0 100644
--- a/content/nic/overview/design.md
+++ b/content/nic/overview/design.md
@@ -38,8 +38,6 @@ The figure shows:
 
 The yellow and purple arrows represent connections related to the client traffic, and the black arrows represent access to the Kubernetes API.
 
----
-
 ## The NGINX Ingress Controller pod
 
 The NGINX Ingress Controller pod consists of a single container, which includes the following:
@@ -75,13 +73,11 @@ This table describes each connection, starting with its type:
 |16|Signal| The _NGINX master_ controls the [lifecycle of _NGINX workers_](https://nginx.org/en/docs/control.html#reconfiguration) it creates workers with the new configuration and shutdowns workers with the old configuration.
 |17|File I/O| An _NGINX worker_ writes logs to its _stdout_ and _stderr_, which are collected by the container runtime.
 |18|UDP| An _NGINX worker_ sends the HTTP upstream server response latency logs via the Syslog protocol over the UNIX socket `/var/lib/nginx/nginx-syslog.sock` to _NGINX Ingress Controller_. In turn, _NGINX Ingress Controller_ analyzes and transforms the logs into Prometheus metrics.
-|19|HTTP,HTTPS,TCP,UDP| A _client_ sends traffic to and receives traffic from any of the _NGINX workers_ on ports 80 and 443 and any additional ports exposed by the [GlobalConfiguration resource](/nginx-ingress-controller/configuration/global-configuration/globalconfiguration-resource).
+|19|HTTP,HTTPS,TCP,UDP| A _client_ sends traffic to and receives traffic from any of the _NGINX workers_ on ports 80 and 443 and any additional ports exposed by the [GlobalConfiguration resource]({{< ref "/nic//configuration/global-configuration/globalconfiguration-resource.md" >}}).
 |20|HTTP,HTTPS,TCP,UDP| An _NGINX worker_ sends traffic to and receives traffic from the _backends_.
 |21|HTTP| _Admin_ can connect to the [NGINX stub_status](http://nginx.org/en/docs/http/ngx_http_stub_status_module.html#stub_status) using port 8080 via an _NGINX worker_. By default, NGINX only allows connections from `localhost`.
 {{% /bootstrap-table %}}
 
----
-
 ### Differences with NGINX Plus
 
 The previous diagram depicts NGINX Ingress Controller using NGINX. NGINX Ingress Controller with NGINX Plus has the following differences:
@@ -90,8 +86,6 @@ The previous diagram depicts NGINX Ingress Controller using NGINX. NGINX Ingress
 - Instead of the stub status metrics, the extended metrics available from the NGINX Plus API are used.
 - In addition to TLS certs and keys, NGINX Ingress Controller writes JWKs from the secrets of the type `nginx.org/jwk`, and NGINX workers read them.
 
----
-
 ## The NGINX Ingress Controller process
 
 This section covers the architecture of the NGINX Ingress Controller process, including:
@@ -100,8 +94,6 @@ This section covers the architecture of the NGINX Ingress Controller process, in
 - A summary of how NGINX Ingress Controller works in relation to others Kubernetes Controllers.
 - The different components of the IC process.
 
----
-
 ### Processing a new Ingress resource
 
 The following diagram depicts how NGINX Ingress Controller processes a new Ingress resource. The the NGINX master and worker processes are represented as a single rectangle, _NGINX_ for simplicity. VirtualServer and VirtualServerRoute resources are indicated similarly.
@@ -121,8 +113,6 @@ Processing a new Ingress resource involves the following steps: each step corres
     1. _NGINX_ reads the _configuration files_.
 1. The _Control Loop_ emits an event for the Ingress resource and updates its status. If the reload fails, the event includes the error message.
 
----
-
 ### NGINX Ingress Controller is a Kubernetes controller
 
 With the context from the previous sections, we can generalize how NGINX Ingress Controller works:
@@ -156,8 +146,6 @@ NGINX Ingress Controller can watch additional Custom Resources, which are less c
 - [NGINX App Protect resources]({{< ref "/nic/installation/integrations/app-protect-dos/configuration" >}}) (APPolicies, APLogConfs, APUserSigs)
 - IngressLink resource (only one resource)
 
----
-
 ## NGINX Ingress Controller process components
 
 In this section, we describe the components of the NGINX Ingress Controller process and how they interact, including:
@@ -183,8 +171,6 @@ We also mentioned that once the cache is updated, it notifies the control loop a
 - The _Workqueue_ always tries to drain itself: if there is an element at the front, the queue will remove the element and send it to the _Controller_ by calling a callback function (See the arrow _4. Send_).
 - The _Controller_ is the primary component of NGINX Ingress Controller, which represents the _Control Loop_, explained in [The Control Loop](#the-control-loop) section. To process a workqueue element, the _Controller_ component gets the latest version of the resource from the _Store_ (See the arrow _5. Get_), reconfigures _NGINX_ according to the resource (See the arrow _6. Reconfigure*_, updates the resource status, and emits an event via the _Kubernetes API_ (See the arrow  _7. Update status and emit event_).
 
----
-
 ### The control loop
 
 This section discusses the main components of NGINX Ingress Controller, which comprise the control loop:
@@ -205,8 +191,6 @@ The following diagram shows how the three components interact:
 
 {{<img src="/nic/control-loop.png" alt="">}}
 
----
-
 #### The Controller sync method
 
 The Controller [sync](https://github.com/nginx/kubernetes-ingress/blob/v1.11.0/internal/k8s/controller.go#L663) method is called by the _Workqueue_ to process a change of a resource. The method determines the _kind_ of the resource and calls the appropriate _sync_ method (Such as _syncIngress_ for Ingress resources).
@@ -234,14 +218,10 @@ To explain how the sync methods work, we will examine the most important one: th
 - The _syncVirtualServer_, _syncVirtualServerRoute_, and _syncTransportServer_ methods are similar to _syncIngress_, while other sync methods are different. However, those methods typically find the affected Ingress, VirtualServer, and TransportServer resources and regenerate the configuration for them.
 - The _Workqueue_ has only a single worker thread that calls the sync method synchronously, meaning the _Control Loop_ processes only one change at a time.
 
----
-
 #### Helper components
 
 There are two additional helper components crucial for processing changes: _Configuration_ and _LocalSecretStore_.
 
----
-
 ##### Configuration
 
 [_Configuration_](https://github.com/nginx/kubernetes-ingress/blob/v1.11.0/internal/k8s/configuration.go#L320) holds the latest valid state of the NGINX Ingress Controller load balancing configuration resources: Ingresses, VirtualServers, VirtualServerRoutes, TransportServers, and GlobalConfiguration.
@@ -257,22 +237,16 @@ Additionally, the _Configuration_ ensures that only one Ingress/VirtualServer/Tr
 
 Ultimately, NGINX Ingress Controller ensures the NGINX config on the filesystem reflects the state of the objects in the _Configuration_ at any point in time.
 
----
-
 ##### LocalSecretStore
 
 [_LocalSecretStore_](https://github.com/nginx/kubernetes-ingress/blob/v1.11.0/internal/k8s/secrets/store.go#L32) (of the _SecretStore_ interface) holds the valid Secret resources and keeps the corresponding files on the filesystem in sync with them. Secrets are used to hold TLS certificates and keys (type `kubernetes.io/tls`), CAs (`nginx.org/ca`), JWKs (`nginx.org/jwk`), and client secrets for an OIDC provider (`nginx.org/oidc`).
 
 When _Controller_ processes a change to a configuration resource like Ingress, it creates an extended version of a resource that includes the dependencies (Such as Secrets) necessary to generate the NGINX configuration. _LocalSecretStore_ allows _Controller_ to reference the filesystem for a secret using the secret key (namespace/name).
 
----
-
 ## Reloading NGINX
 
 The following sections describe how NGINX reloads and how NGINX Ingress Controller specifically affects this process.
 
----
-
 ### How NGINX reloads work
 
 Reloading NGINX is necessary to apply new configuration changes and occurs with these steps:
@@ -283,8 +257,6 @@ Reloading NGINX is necessary to apply new configuration changes and occurs with
 
 The [NGINX documentation](https://nginx.org/en/docs/control.html#reconfiguration) has more details about reloading.
 
----
-
 #### How to reload NGINX and confirm success
 
 The NGINX binary (`nginx`) supports the reload operation with the `-s reload` option. When you run this option:
@@ -301,8 +273,6 @@ Once the reload operation has been invoked with `nginx -s reload`, there is no w
 
 NGINX reloads take roughly 200ms. The factors affecting reload time are configuration size and details, the number of TLS certificates/keys, enabled modules, and available CPU resources.
 
----
-
 #### Potential problems
 
 Most of the time, if `nginx -s reload` executes, the reload will also succeed. In the rare case a reload fails, the NGINX master process will print the an error message. This is an example:
@@ -315,8 +285,6 @@ The operation is graceful; reloading doesn't lead to any traffic loss by NGINX.
 
 Old NGINX workers will not shut down until all connections are terminated either by clients or backends, unless you configure [worker_shutdown_timeout](https://nginx.org/en/docs/ngx_core_module.html#worker_shutdown_timeout). Since both the old and new NGINX worker processes coexist during a reload, reloading can lead to two spikes in memory utilization. With a lack of available memory, the NGINX master process can fail to create new worker processes.
 
----
-
 ### Reloading in NGINX Ingress Controller
 
 NGINX Ingress Controller reloads NGINX to apply configuration changes.
@@ -333,8 +301,6 @@ Reloads occur with this sequence of steps:
 
 The [NGINX Ingress Controller Control Loop](#the-control-loop) stops during a reload so that it cannot affect configuration files or reload NGINX until the current reload succeeds or fails.
 
----
-
 ### When NGINX Ingress Controller reloads NGINX
 
 NGINX Ingress Controller reloads NGINX every time the Control Loop processes a change that affects the generated NGINX configuration. In general, every time a monitored resource is changed, NGINX Ingress Controller will regenerate the configuration and reload NGINX.
diff --git a/content/nic/releases.md b/content/nic/releases.md
index 8c8a585da..4738b69be 100644
--- a/content/nic/releases.md
+++ b/content/nic/releases.md
@@ -2,18 +2,18 @@
 title: Releases
 weight: 2100
 toc: true
-type: reference
-product: NIC
-docs: DOCS-616
+nd-content-type: reference
+nd-product: NIC
+nd-docs: DOCS-616
 ---
 ## 5.0.0
 
 16 Apr 2025
 
-Added support for [NGINX Plus R34](https://docs.nginx.com/nginx/releases/#nginxplusrelease-34-r34), users needing to use a forward proxy for license verification are now able to make use of the [`proxy`](https://nginx.org/en/docs/ngx_mgmt_module.html#proxy) directives available in F5 NGINX Plus.
+Added support for [NGINX Plus R34]({{< ref "/nginx/releases.md#nginxplusrelease-34-r34" >}}), users needing to use a forward proxy for license verification are now able to make use of the [`proxy`](https://nginx.org/en/docs/ngx_mgmt_module.html#proxy) directives available in F5 NGINX Plus.
 
 {{< important >}}
-With the removal of the OpenTracing dynamic module from [NGINX Plus R34](https://docs.nginx.com/nginx/releases/#nginxplusrelease-34-r34), NGINX Ingress Controller also removes full OpenTracing support.  This will affect users making use of OpenTracing with the ConfigMap, `server-snippets` & `location-snippets` parameters.  Support for tracing with [OpenTelemetry](https://docs.nginx.com/nginx/admin-guide/dynamic-modules/opentelemetry/) will come in a future release.
+With the removal of the OpenTracing dynamic module from [NGINX Plus R34](({{< ref "/nginx/releases.md#nginxplusrelease-34-r34" >}}), NGINX Ingress Controller also removes full OpenTracing support.  This will affect users making use of OpenTracing with the ConfigMap, `server-snippets` & `location-snippets` parameters.  Support for tracing with [OpenTelemetry]({{< ref "/nginx/admin-guide/dynamic-modules/opentelemetry.md" >}}) will come in a future release.
 {{< /important >}}
 
 We have extended the rate-limit Policy to allow tiered rate limit groups with JWT claims.  This will also allow users to apply different rate limits to their `VirtualServer` or `VirtualServerRoutes` with the value of a JWT claim.  See [here](https://github.com/nginx/kubernetes-ingress/tree/v5.0.0/examples/custom-resources/rate-limit-tiered-jwt-claim/) for a working example.
@@ -102,11 +102,11 @@ versions: 1.25-1.32.
 
 16 Dec 2024
 
-With added support for [NGINX R33](https://docs.nginx.com/nginx/releases/#nginxplusrelease-33-r33), deployments of F5 NGINX Ingress Controller using NGINX Plus now require a valid JSON Web Token to run.
-Please see the [Upgrading to v4]({{< ref "/nic/installation/installing-nic/upgrade-to-v4#create-license-secret" >}}) for full details on setting up your license `Secret`.
+With added support for [NGINX R33]({{< ref "/nginx/releases.md#nginxplusrelease-33-r33" >}}), deployments of F5 NGINX Ingress Controller using NGINX Plus now require a valid JSON Web Token to run.
+Please see the [Upgrading to v4]({{< ref "/nic/installation/installing-nic/upgrade-to-v4.md#create-license-secret" >}}) for full details on setting up your license `Secret`.
 
 API Version `v1alpha1` of `GlobalConfiguration`, `Policy` and `TransportServer` resources are now deprecated.
-Please see [Update custom resource apiVersion]({{< ref "/nic/installation/installing-nic/upgrade-to-v4#update-custom-resource-apiversion" >}}) for full details on updating your resources.
+Please see [Update custom resource apiVersion]({{< ref "/nic/installation/installing-nic/upgrade-to-v4.md#update-custom-resource-apiversion" >}}) for full details on updating your resources.
 
 Updates have been made to our logging library. For a while, F5 NGINX Ingress Controller has been using the [golang/glog](https://github.com/golang/glog). For this release, we have moved to the native golang library [log/slog](https://pkg.go.dev/log/slog).
 This change was made for these reasons:
@@ -150,7 +150,7 @@ For more details on what this feature does, and how to configure it yourself, pl
 [Amazon ECR Public Gallery](https://gallery.ecr.aws/nginx/nginx-ingress) or [Quay.io](https://quay.io/repository/nginx/nginx-ingress).
 - For NGINX Plus, use the 4.0.0 images from the F5 Container registry or build your own image using the 4.0.0 source code
 - For Helm, use version 2.0.0 of the chart.
-- [Upgrading to v4]({{< ref "/nic/installation/installing-nic/upgrade-to-v4" >}})
+- [Upgrading to v4]({{< ref "/nic/installation/installing-nic/upgrade-to-v4.md" >}})
 
 ### <i class="fa-solid fa-life-ring"></i> Supported Platforms
 
@@ -197,10 +197,7 @@ When `v4.0.0` is released, the release notes will contain the required upgrade s
 [DockerHub](https://hub.docker.com/r/nginx/nginx-ingress/tags?page=1&ordering=last_updated&name=3.7.2),
 [GitHub Container](https://github.com/nginx/kubernetes-ingress/pkgs/container/kubernetes-ingress),
 [Amazon ECR Public Gallery](https://gallery.ecr.aws/nginx/nginx-ingress) or [Quay.io](https://quay.io/repository/nginx/nginx-ingress).
-- For NGINX Plus, use the 3.7.2 images from the F5 Container registry,
-the [AWS Marketplace](https://aws.amazon.com/marketplace/search/?CREATOR=741df81b-dfdc-4d36-b8da-945ea66b522c&FULFILLMENT_OPTION_TYPE=CONTAINER&filters=CREATOR%2CFULFILLMENT_OPTION_TYPE),
-the [GCP Marketplace](https://console.cloud.google.com/marketplace/browse?filter=partner:F5,%20Inc.&filter=solution-type:k8s&filter=category:networking)
-or build your own image using the 3.7.2 source code
+- For NGINX Plus, use the 3.7.2 images from the F5 Container registry, the AWS Marketplace, the GCP Marketplace or build your own image using the 3.7.2 source code.
 - For Helm, use version 1.4.2 of the chart.
 
 ### <i class="fa-solid fa-life-ring"></i> Supported Platforms
@@ -229,10 +226,7 @@ versions: 1.25-1.31.
 [DockerHub](https://hub.docker.com/r/nginx/nginx-ingress/tags?page=1&ordering=last_updated&name=3.7.1),
 [GitHub Container](https://github.com/nginx/kubernetes-ingress/pkgs/container/kubernetes-ingress),
 [Amazon ECR Public Gallery](https://gallery.ecr.aws/nginx/nginx-ingress) or [Quay.io](https://quay.io/repository/nginx/nginx-ingress).
-- For NGINX Plus, use the 3.7.1 images from the F5 Container registry,
-the [AWS Marketplace](https://aws.amazon.com/marketplace/search/?CREATOR=741df81b-dfdc-4d36-b8da-945ea66b522c&FULFILLMENT_OPTION_TYPE=CONTAINER&filters=CREATOR%2CFULFILLMENT_OPTION_TYPE),
-the [GCP Marketplace](https://console.cloud.google.com/marketplace/browse?filter=partner:F5,%20Inc.&filter=solution-type:k8s&filter=category:networking)
-or build your own image using the 3.7.1 source code
+- For NGINX Plus, use the 3.7.1 images from the F5 Container registry, the AWS Marketplace, the GCP Marketplace or build your own image using the 3.7.1 source code.
 - For Helm, use version 1.4.1 of the chart.
 
 ### <i class="fa-solid fa-life-ring"></i> Supported Platforms
@@ -290,10 +284,7 @@ When installing NGINX Ingress Controller via Helm, a uniquely named lease object
 [DockerHub](https://hub.docker.com/r/nginx/nginx-ingress/tags?page=1&ordering=last_updated&name=3.7.0),
 [GitHub Container](https://github.com/nginx/kubernetes-ingress/pkgs/container/kubernetes-ingress),
 [Amazon ECR Public Gallery](https://gallery.ecr.aws/nginx/nginx-ingress) or [Quay.io](https://quay.io/repository/nginx/nginx-ingress).
-- For NGINX Plus, use the 3.7.0 images from the F5 Container registry,
-the [AWS Marketplace](https://aws.amazon.com/marketplace/search/?CREATOR=741df81b-dfdc-4d36-b8da-945ea66b522c&FULFILLMENT_OPTION_TYPE=CONTAINER&filters=CREATOR%2CFULFILLMENT_OPTION_TYPE),
-the [GCP Marketplace](https://console.cloud.google.com/marketplace/browse?filter=partner:F5,%20Inc.&filter=solution-type:k8s&filter=category:networking)
-or build your own image using the 3.7.0 source code
+- For NGINX Plus, use the 3.7.0 images from the F5 Container registry, the AWS Marketplace, the GCP Marketplace or build your own image using the 3.7.0 source code.
 - For Helm, use version 1.4.0 of the chart.
 
 ### <i class="fa-solid fa-life-ring"></i> Supported Platforms
@@ -321,10 +312,7 @@ versions: 1.25-1.31.
 [DockerHub](https://hub.docker.com/r/nginx/nginx-ingress/tags?page=1&ordering=last_updated&name=3.6.2),
 [GitHub Container](https://github.com/nginx/kubernetes-ingress/pkgs/container/kubernetes-ingress),
 [Amazon ECR Public Gallery](https://gallery.ecr.aws/nginx/nginx-ingress) or [Quay.io](https://quay.io/repository/nginx/nginx-ingress).
-- For NGINX Plus, use the 3.6.2 images from the F5 Container registry,
-the [AWS Marketplace](https://aws.amazon.com/marketplace/search/?CREATOR=741df81b-dfdc-4d36-b8da-945ea66b522c&FULFILLMENT_OPTION_TYPE=CONTAINER&filters=CREATOR%2CFULFILLMENT_OPTION_TYPE),
-the [GCP Marketplace](https://console.cloud.google.com/marketplace/browse?filter=partner:F5,%20Inc.&filter=solution-type:k8s&filter=category:networking)
-or build your own image using the 3.6.2 source code
+- For NGINX Plus, use the 3.6.2 images from the F5 Container registry, the AWS Marketplace, the GCP Marketplace, or build your own image using the 3.6.2 source code.
 - For Helm, use version 1.3.2 of the chart.
 
 ### <i class="fa-solid fa-life-ring"></i> Supported Platforms
@@ -353,10 +341,7 @@ versions: 1.25-1.31.
 [DockerHub](https://hub.docker.com/r/nginx/nginx-ingress/tags?page=1&ordering=last_updated&name=3.6.1),
 [GitHub Container](https://github.com/nginx/kubernetes-ingress/pkgs/container/kubernetes-ingress),
 [Amazon ECR Public Gallery](https://gallery.ecr.aws/nginx/nginx-ingress) or [Quay.io](https://quay.io/repository/nginx/nginx-ingress).
-- For NGINX Plus, use the 3.6.1 images from the F5 Container registry,
-the [AWS Marketplace](https://aws.amazon.com/marketplace/search/?CREATOR=741df81b-dfdc-4d36-b8da-945ea66b522c&FULFILLMENT_OPTION_TYPE=CONTAINER&filters=CREATOR%2CFULFILLMENT_OPTION_TYPE),
-the [GCP Marketplace](https://console.cloud.google.com/marketplace/browse?filter=partner:F5,%20Inc.&filter=solution-type:k8s&filter=category:networking), the [Azure Marketplace](https://azuremarketplace.microsoft.com/en-gb/marketplace/apps/category/containers?page=1&search=f5&subcategories=container-apps)
-or build your own image using the 3.6.1 source code
+- For NGINX Plus, use the 3.6.1 images from the F5 Container registry, the AWS Marketplace, the GCP Marketplace, the Azure Marketplace or build your own image using the 3.6.1 source code.
 - For Helm, use version 1.3.1 of the chart.
 
 ### <i class="fa-solid fa-life-ring"></i> Supported Platforms
@@ -371,7 +356,7 @@ versions: 1.25-1.30.
 25 Jun 2024
 
 Added support for the latest generation of NGINX App Protect Web Application Firewall, v5. NGINX Ingress Controller will continue to support the NGINX App Protect v4 family to allow customers to implement new Policy Bundle workflow at their own pace.
-NGINX App Protect WAF v5 does not accept the JSON based policies, instead requiring users to compile a Policy Bundle outside of the NGINX Ingress Controller pod. Policy bundles contain a combination of custom Policy, signatures, and campaigns. Bundles can be compiled using either App Protect [compiler](https://docs.nginx.com/nginx-app-protect-waf/v5/admin-guide/compiler/), or [NGINX Instance Manager](https://docs.nginx.com/nginx-instance-manager/nginx-app-protect/manage-waf-security-policies/#list-security-policy-bundles). Read more in the [NGINX App Protect WAF V5]({{< ref "/nic/installation/integrations/app-protect-waf-v5/" >}})  topic.
+NGINX App Protect WAF v5 does not accept the JSON based policies, instead requiring users to compile a Policy Bundle outside of the NGINX Ingress Controller pod. Policy bundles contain a combination of custom Policy, signatures, and campaigns. Bundles can be compiled using either App Protect [compiler]({{< ref "/nap-waf/v5/admin-guide/compiler/" >}}), or [NGINX Instance Manager]({{< ref "/nim/nginx-app-protect/manage-waf-security-policies.md#list-security-policy-bundles" >}}). Read more in the [NGINX App Protect WAF V5]({{< ref "/nic/installation/integrations/app-protect-waf-v5/" >}})  topic.
 
 With this release, NGINX Ingress Controller is implementing a new image maintenance policy. Container images for subscribed users will be updated on a regular basis in-between releases to reduce the CVE vulnerabilities.
 Customers can observe the 3.6.x tag when listing images in the registry and select the latest image to update to for the current release.
@@ -402,10 +387,7 @@ Customers can observe the 3.6.x tag when listing images in the registry and sele
 [DockerHub](https://hub.docker.com/r/nginx/nginx-ingress/tags?page=1&ordering=last_updated&name=3.6.0),
 [GitHub Container](https://github.com/nginx/kubernetes-ingress/pkgs/container/kubernetes-ingress),
 [Amazon ECR Public Gallery](https://gallery.ecr.aws/nginx/nginx-ingress) or [Quay.io](https://quay.io/repository/nginx/nginx-ingress).
-- For NGINX Plus, use the 3.6.0 images from the F5 Container registry,
-the [AWS Marketplace](https://aws.amazon.com/marketplace/search/?CREATOR=741df81b-dfdc-4d36-b8da-945ea66b522c&FULFILLMENT_OPTION_TYPE=CONTAINER&filters=CREATOR%2CFULFILLMENT_OPTION_TYPE),
-the [GCP Marketplace](https://console.cloud.google.com/marketplace/browse?filter=partner:F5,%20Inc.&filter=solution-type:k8s&filter=category:networking), the [Azure Marketplace](https://azuremarketplace.microsoft.com/en-gb/marketplace/apps/category/containers?page=1&search=f5&subcategories=container-apps)
-or build your own image using the 3.6.0 source code
+- For NGINX Plus, use the 3.6.0 images from the F5 Container registry, the AWS Marketplace, the GCP Marketplace, the Azure Marketplace or build your own image using the 3.6.0 source code.
 - For Helm, use version 1.3.0 of the chart.
 
 ### <i class="fa-solid fa-life-ring"></i> Supported Platforms
@@ -436,10 +418,7 @@ versions: 1.25-1.30.
 [DockerHub](https://hub.docker.com/r/nginx/nginx-ingress/tags?page=1&ordering=last_updated&name=3.5.2),
 [GitHub Container](https://github.com/nginx/kubernetes-ingress/pkgs/container/kubernetes-ingress),
 [Amazon ECR Public Gallery](https://gallery.ecr.aws/nginx/nginx-ingress) or [Quay.io](https://quay.io/repository/nginx/nginx-ingress).
-- For NGINX Plus, use the 3.5.2 images from the F5 Container registry,
-the [AWS Marketplace](https://aws.amazon.com/marketplace/search/?CREATOR=741df81b-dfdc-4d36-b8da-945ea66b522c&FULFILLMENT_OPTION_TYPE=CONTAINER&filters=CREATOR%2CFULFILLMENT_OPTION_TYPE),
-the [GCP Marketplace](https://console.cloud.google.com/marketplace/browse?filter=partner:F5,%20Inc.&filter=solution-type:k8s&filter=category:networking), the [Azure Marketplace](https://azuremarketplace.microsoft.com/en-us/marketplace/apps/nginxinc.nginx_ingress_premium?tab=Overview),
-or build your own image using the 3.5.2 source code
+- For NGINX Plus, use the 3.5.2 images from the F5 Container registry, the AWS Marketplace, the GCP Marketplace, the Azure Marketplace, or build your own image using the 3.5.2 source code
 - For Helm, use version 1.2.2 of the chart.
 
 ### <i class="fa-solid fa-life-ring"></i> Supported Platforms
@@ -470,10 +449,7 @@ versions: 1.25-1.30.
 [DockerHub](https://hub.docker.com/r/nginx/nginx-ingress/tags?page=1&ordering=last_updated&name=3.5.1),
 [GitHub Container](https://github.com/nginx/kubernetes-ingress/pkgs/container/kubernetes-ingress),
 [Amazon ECR Public Gallery](https://gallery.ecr.aws/nginx/nginx-ingress) or [Quay.io](https://quay.io/repository/nginx/nginx-ingress).
-- For NGINX Plus, use the 3.5.1 images from the F5 Container registry,
-the [AWS Marketplace](https://aws.amazon.com/marketplace/search/?CREATOR=741df81b-dfdc-4d36-b8da-945ea66b522c&FULFILLMENT_OPTION_TYPE=CONTAINER&filters=CREATOR%2CFULFILLMENT_OPTION_TYPE),
-the [GCP Marketplace](https://console.cloud.google.com/marketplace/browse?filter=partner:F5,%20Inc.&filter=solution-type:k8s&filter=category:networking)
-or build your own image using the 3.5.1 source code
+- For NGINX Plus, use the 3.5.1 images from the F5 Container registry, the AWS Marketplace, the GCP Marketplace or build your own image using the 3.5.1 source code.
 - For Helm, use version 1.2.1 of the chart.
 
 ### <i class="fa-solid fa-life-ring"></i> Supported Platforms
@@ -486,7 +462,7 @@ versions: 1.23-1.29.
 
 26 Mar 2024
 
-NGINX Ingress Controller and NGINX App Protect WAF users can can now view violations through NGINX Instance Manager Security Monitor.  Security Monitor can be used to build Policy bundles, reducing reload time impacts on NGINX Ingress Controller.  Read more information in [NGINX App Protect WAF Bundles]({{< ref "/nic/installation/integrations/app-protect-waf/configuration.md#waf-bundles" >}}) and [Security Monitoring](https://docs.nginx.com/nginx-instance-manager/monitoring/security-monitoring/).
+NGINX Ingress Controller and NGINX App Protect WAF users can can now view violations through NGINX Instance Manager Security Monitor.  Security Monitor can be used to build Policy bundles, reducing reload time impacts on NGINX Ingress Controller.  Read more information in [NGINX App Protect WAF Bundles]({{< ref "/nic/installation/integrations/app-protect-waf/configuration.md#waf-bundles" >}}) and Security Monitoring.
 
 When using NGINX Plus for two version [split rollouts]({{ ref "/nic/configuration/virtualserver-and-virtualserverroute-resources.md#split" }}), you can now control progressive rollouts of a new backend version without reloading NGINX using the [**-weight-changes-dynamic-reload**]({{< ref "/nic/configuration/global-configuration/command-line-arguments.md#-weight-changes-dynamic-reload" >}}) command line argument.
 
@@ -522,10 +498,7 @@ The [**use-cluster-ip**]({{< ref "/nic/configuration/ingress-resources/advanced-
 [DockerHub](https://hub.docker.com/r/nginx/nginx-ingress/tags?page=1&ordering=last_updated&name=3.5.0),
 [GitHub Container](https://github.com/nginx/kubernetes-ingress/pkgs/container/kubernetes-ingress),
 [Amazon ECR Public Gallery](https://gallery.ecr.aws/nginx/nginx-ingress) or [Quay.io](https://quay.io/repository/nginx/nginx-ingress).
-- For NGINX Plus, use the 3.5.0 images from the F5 Container registry,
-the [AWS Marketplace](https://aws.amazon.com/marketplace/search/?CREATOR=741df81b-dfdc-4d36-b8da-945ea66b522c&FULFILLMENT_OPTION_TYPE=CONTAINER&filters=CREATOR%2CFULFILLMENT_OPTION_TYPE),
-the [GCP Marketplace](https://console.cloud.google.com/marketplace/browse?filter=partner:F5,%20Inc.&filter=solution-type:k8s&filter=category:networking)
-or build your own image using the 3.5.0 source code
+- For NGINX Plus, use the 3.5.0 images from the F5 Container registry, the AWS Marketplace, the GCP Marketplace or build your own image using the 3.5.0 source code.
 - For Helm, use version 1.2.0 of the chart.
 
 ### <i class="fa-solid fa-life-ring"></i> Supported Platforms
@@ -565,10 +538,7 @@ versions: 1.23-1.29.
 [DockerHub](https://hub.docker.com/r/nginx/nginx-ingress/tags?page=1&ordering=last_updated&name=3.4.3),
 [GitHub Container](https://github.com/nginx/kubernetes-ingress/pkgs/container/kubernetes-ingress),
 [Amazon ECR Public Gallery](https://gallery.ecr.aws/nginx/nginx-ingress) or [Quay.io](https://quay.io/repository/nginx/nginx-ingress).
-- For NGINX Plus, use the 3.4.3 images from the F5 Container registry,
-the [AWS Marketplace](https://aws.amazon.com/marketplace/search/?CREATOR=741df81b-dfdc-4d36-b8da-945ea66b522c&FULFILLMENT_OPTION_TYPE=CONTAINER&filters=CREATOR%2CFULFILLMENT_OPTION_TYPE),
-the [GCP Marketplace](https://console.cloud.google.com/marketplace/browse?filter=partner:F5,%20Inc.&filter=solution-type:k8s&filter=category:networking)
-or build your own image using the 3.4.3 source code
+- For NGINX Plus, use the 3.4.3 images from the F5 Container registry, the AWS Marketplace, the GCP Marketplace or build your own image using the 3.4.3 source code.
 - For Helm, use version 1.1.3 of the chart.
 
 ### <i class="fa-solid fa-life-ring"></i> Supported Platforms
@@ -590,10 +560,7 @@ versions: 1.23-1.29.
 [DockerHub](https://hub.docker.com/r/nginx/nginx-ingress/tags?page=1&ordering=last_updated&name=3.4.2),
 [GitHub Container](https://github.com/nginx/kubernetes-ingress/pkgs/container/kubernetes-ingress),
 [Amazon ECR Public Gallery](https://gallery.ecr.aws/nginx/nginx-ingress) or [Quay.io](https://quay.io/repository/nginx/nginx-ingress).
-- For NGINX Plus, use the 3.4.2 images from the F5 Container registry,
-the [AWS Marketplace](https://aws.amazon.com/marketplace/search/?CREATOR=741df81b-dfdc-4d36-b8da-945ea66b522c&FULFILLMENT_OPTION_TYPE=CONTAINER&filters=CREATOR%2CFULFILLMENT_OPTION_TYPE),
-the [GCP Marketplace](https://console.cloud.google.com/marketplace/browse?filter=partner:F5,%20Inc.&filter=solution-type:k8s&filter=category:networking)
-or build your own image using the 3.4.2 source code
+- For NGINX Plus, use the 3.4.2 images from the F5 Container registry, the AWS Marketplace, the GCP Marketplace or build your own image using the 3.4.2 source code.
 - For Helm, use version 1.1.2 of the chart.
 
 ### <i class="fa-solid fa-life-ring"></i> Supported Platforms
@@ -616,10 +583,7 @@ versions: 1.23-1.29.
 [DockerHub](https://hub.docker.com/r/nginx/nginx-ingress/tags?page=1&ordering=last_updated&name=3.4.1),
 [GitHub Container](https://github.com/nginx/kubernetes-ingress/pkgs/container/kubernetes-ingress),
 [Amazon ECR Public Gallery](https://gallery.ecr.aws/nginx/nginx-ingress) or [Quay.io](https://quay.io/repository/nginx/nginx-ingress).
-- For NGINX Plus, use the 3.4.1 images from the F5 Container registry,
-the [AWS Marketplace](https://aws.amazon.com/marketplace/search/?CREATOR=741df81b-dfdc-4d36-b8da-945ea66b522c&FULFILLMENT_OPTION_TYPE=CONTAINER&filters=CREATOR%2CFULFILLMENT_OPTION_TYPE),
-the [GCP Marketplace](https://console.cloud.google.com/marketplace/browse?filter=partner:F5,%20Inc.&filter=solution-type:k8s&filter=category:networking)
-or build your own image using the 3.4.1 source code
+- For NGINX Plus, use the 3.4.1 images from the F5 Container registry, the AWS Marketplace, the GCP Marketplace or build your own image using the 3.4.1 source code.
 - For Helm, use version 1.1.1 of the chart.
 
 ### <i class="fa-solid fa-life-ring"></i> Supported Platforms
@@ -676,10 +640,7 @@ We’ve added the functionality to define App Protect WAF bundles for VirtualSer
 [DockerHub](https://hub.docker.com/r/nginx/nginx-ingress/tags?page=1&ordering=last_updated&name=3.4.0),
 [GitHub Container](https://github.com/nginx/kubernetes-ingress/pkgs/container/kubernetes-ingress),
 [Amazon ECR Public Gallery](https://gallery.ecr.aws/nginx/nginx-ingress) or [Quay.io](https://quay.io/repository/nginx/nginx-ingress).
-- For NGINX Plus, use the 3.4.0 images from the F5 Container registry,
-the [AWS Marketplace](https://aws.amazon.com/marketplace/search/?CREATOR=741df81b-dfdc-4d36-b8da-945ea66b522c&FULFILLMENT_OPTION_TYPE=CONTAINER&filters=CREATOR%2CFULFILLMENT_OPTION_TYPE),
-the [GCP Marketplace](https://console.cloud.google.com/marketplace/browse?filter=partner:F5,%20Inc.&filter=solution-type:k8s&filter=category:networking)
-or build your own image using the 3.4.0 source code
+- For NGINX Plus, use the 3.4.0 images from the F5 Container registry, the AWS Marketplace, the GCP Marketplace or build your own image using the 3.4.0 source code.
 - For Helm, use version 1.1.0 of the chart.
 
 ### <i class="fa-solid fa-life-ring"></i> Supported Platforms
@@ -708,14 +669,9 @@ versions: 1.22-1.29.
 [DockerHub](https://hub.docker.com/r/nginx/nginx-ingress/tags?page=1&ordering=last_updated&name=3.3.2),
 [GitHub Container](https://github.com/nginx/kubernetes-ingress/pkgs/container/kubernetes-ingress),
 [Amazon ECR Public Gallery](https://gallery.ecr.aws/nginx/nginx-ingress) or [Quay.io](https://quay.io/repository/nginx/nginx-ingress).
-- For NGINX Plus, use the 3.3.2 images from the F5 Container registry,
-the [AWS Marketplace](https://aws.amazon.com/marketplace/search/?CREATOR=741df81b-dfdc-4d36-b8da-945ea66b522c&FULFILLMENT_OPTION_TYPE=CONTAINER&filters=CREATOR%2CFULFILLMENT_OPTION_TYPE),
-the [GCP Marketplace](https://console.cloud.google.com/marketplace/browse?filter=partner:F5,%20Inc.&filter=solution-type:k8s&filter=category:networking)
-or build your own image using the 3.3.2 source code
+- For NGINX Plus, use the 3.3.2 images from the F5 Container registry, the AWS Marketplace, the GCP Marketplace or build your own image using the 3.3.2 source code.
 - For Helm, use version 1.0.2 of the chart.
 
-<hr>
-
 ## 3.3.1
 
 13 Oct 2023
@@ -732,9 +688,7 @@ This releases updates NGINX Plus to R30 P1 and dependencies to mitigate HTTP/2 R
 ### <i class="fa-solid fa-download"></i> Upgrade
 
 - For NGINX, use the 3.3.1 images from our [DockerHub](https://hub.docker.com/r/nginx/nginx-ingress/tags?page=1&ordering=last_updated&name=3.3.1), [GitHub Container](https://github.com/nginx/kubernetes-ingress/pkgs/container/kubernetes-ingress), [Amazon ECR Public Gallery](https://gallery.ecr.aws/nginx/nginx-ingress) or [Quay.io](https://quay.io/repository/nginx/nginx-ingress).
-- For NGINX Plus, use the 3.3.1 images from the F5 Container registry, the [AWS Marketplace](https://aws.amazon.com/marketplace/search/?CREATOR=741df81b-dfdc-4d36-b8da-945ea66b522c&FULFILLMENT_OPTION_TYPE=CONTAINER&filters=CREATOR%2CFULFILLMENT_OPTION_TYPE), the [GCP Marketplace](https://console.cloud.google.com/marketplace/browse?filter=partner:F5,%20Inc.&filter=solution-type:k8s&filter=category:networking) or build your own image using the 3.3.1 source code
-
-<hr>
+- For NGINX Plus, use the 3.3.1 images from the F5 Container registry, the AWS Marketplace, the GCP Marketplace or build your own image using the 3.3.1 source code
 
 ## 3.3.0
 
@@ -797,7 +751,7 @@ listeners so they can tailor to their specific needs and policies.
 ### <i class="fa-solid fa-download"></i> Upgrade
 
 - For NGINX, use the 3.3.0 images from our [DockerHub](https://hub.docker.com/r/nginx/nginx-ingress/tags?page=1&ordering=last_updated&name=3.3.0), [GitHub Container](https://github.com/nginx/kubernetes-ingress/pkgs/container/kubernetes-ingress), [Amazon ECR Public Gallery](https://gallery.ecr.aws/nginx/nginx-ingress) or [Quay.io](https://quay.io/repository/nginx/nginx-ingress).
-- For NGINX Plus, use the 3.3.0 images from the F5 Container registry, the [AWS Marketplace](https://aws.amazon.com/marketplace/search/?CREATOR=741df81b-dfdc-4d36-b8da-945ea66b522c&FULFILLMENT_OPTION_TYPE=CONTAINER&filters=CREATOR%2CFULFILLMENT_OPTION_TYPE), the [GCP Marketplace](https://console.cloud.google.com/marketplace/browse?filter=partner:F5,%20Inc.&filter=solution-type:k8s&filter=category:networking) or build your own image using the 3.3.0 source code
+- For NGINX Plus, use the 3.3.0 images from the F5 Container registry, the AWS Marketplace, the GCP Marketplace or build your own image using the 3.3.0 source code.
 - For Helm, use version 1.0.0 of the chart.
 
 ### <i class="fa-solid fa-life-ring"></i> Supported Platforms
@@ -819,7 +773,7 @@ We will provide technical support for NGINX Ingress Controller on any Kubernetes
 ### <i class="fa-solid fa-download"></i> Upgrade
 
 - For NGINX, use the 3.2.1 images from our [DockerHub](https://hub.docker.com/r/nginx/nginx-ingress/tags?page=1&ordering=last_updated&name=3.2.1), [GitHub Container](https://github.com/nginx/kubernetes-ingress/pkgs/container/kubernetes-ingress), [Amazon ECR Public Gallery](https://gallery.ecr.aws/nginx/nginx-ingress) or [Quay.io](https://quay.io/repository/nginx/nginx-ingress).
-- For NGINX Plus, use the 3.2.1 images from the F5 Container registry, the [AWS Marketplace](https://aws.amazon.com/marketplace/search/?CREATOR=741df81b-dfdc-4d36-b8da-945ea66b522c&FULFILLMENT_OPTION_TYPE=CONTAINER&filters=CREATOR%2CFULFILLMENT_OPTION_TYPE), the [GCP Marketplace](https://console.cloud.google.com/marketplace/browse?filter=partner:F5,%20Inc.&filter=solution-type:k8s&filter=category:networking) or build your own image using the 3.2.1 source code
+- For NGINX Plus, use the 3.2.1 images from the F5 Container registry, the AWS Marketplace, the GCP Marketplace or build your own image using the 3.2.1 source code.
 - For Helm, use version 0.18.1 of the chart.
 
 <hr>
@@ -861,7 +815,7 @@ We will provide technical support for NGINX Ingress Controller on any Kubernetes
 ### <i class="fa-solid fa-download"></i> Upgrade
 
 - For NGINX, use the 3.2.0 images from our [DockerHub](https://hub.docker.com/r/nginx/nginx-ingress/tags?page=1&ordering=last_updated&name=3.2.0), [GitHub Container](https://github.com/nginx/kubernetes-ingress/pkgs/container/kubernetes-ingress), [Amazon ECR Public Gallery](https://gallery.ecr.aws/nginx/nginx-ingress) or [Quay.io](https://quay.io/repository/nginx/nginx-ingress).
-- For NGINX Plus, use the 3.2.0 images from the F5 Container registry, the [AWS Marketplace](https://aws.amazon.com/marketplace/search/?CREATOR=741df81b-dfdc-4d36-b8da-945ea66b522c&FULFILLMENT_OPTION_TYPE=CONTAINER&filters=CREATOR%2CFULFILLMENT_OPTION_TYPE), the [GCP Marketplace](https://console.cloud.google.com/marketplace/browse?filter=partner:F5,%20Inc.&filter=solution-type:k8s&filter=category:networking) or build your own image using the 3.2.0 source code.
+- For NGINX Plus, use the 3.2.0 images from the F5 Container registry, the AWS Marketplace, the GCP Marketplace or build your own image using the 3.2.0 source code.
 - For Helm, use version 0.18.0 of the chart.
 
 ### <i class="fa-solid fa-life-ring"></i> Supported Platforms
@@ -1072,7 +1026,7 @@ We will provide technical support for NGINX Ingress Controller on any Kubernetes
 
 - Make sure the Kubernetes version is in the supported platforms listed below.
 - For NGINX, use the 3.0.0 images from our [DockerHub](https://hub.docker.com/r/nginx/nginx-ingress/tags?page=1&ordering=last_updated&name=3.0.0), [GitHub Container](https://github.com/nginx/kubernetes-ingress/pkgs/container/kubernetes-ingress) or [Amazon ECR Public Gallery](https://gallery.ecr.aws/nginx/nginx-ingress).
-- For NGINX Plus, use the 3.0.0 images from the F5 Container registry or the [AWS Marketplace](https://aws.amazon.com/marketplace/search/?CREATOR=741df81b-dfdc-4d36-b8da-945ea66b522c&FULFILLMENT_OPTION_TYPE=CONTAINER&filters=CREATOR%2CFULFILLMENT_OPTION_TYPE) or build your own image using the 3.0.0 source code.
+- For NGINX Plus, use the 3.0.0 images from the F5 Container registry or the AWS Marketplace or build your own image using the 3.0.0 source code.
 - For Helm, use version 0.16.0 of the chart. Helm does not upgrade the CRDs. If you're using custom resources like VirtualServer and TransportServer (`controller.enableCustomResources` is set to `true`), after running the `helm upgrade` command, run `kubectl apply -f deployments/helm-chart/crds` to upgrade the CRDs.
 
 ### <i class="fa-solid fa-life-ring"></i> Supported Platforms
@@ -1116,7 +1070,7 @@ We will provide technical support for NGINX Ingress Controller on any Kubernetes
 ### <i class="fa-solid fa-download"></i> Upgrade
 
 - For NGINX, use the 2.4.1 images from our [DockerHub](https://hub.docker.com/r/nginx/nginx-ingress/tags?page=1&ordering=last_updated&name=2.4.1), [GitHub Container](https://github.com/nginx/kubernetes-ingress/pkgs/container/kubernetes-ingress), [Amazon ECR Public Gallery](https://gallery.ecr.aws/nginx/nginx-ingress) or [Quay.io](https://quay.io/repository/nginx/nginx-ingress).
-- For NGINX Plus, use the 2.4.1 images from the F5 Container registry or the [AWS Marketplace](https://aws.amazon.com/marketplace/search/?CREATOR=741df81b-dfdc-4d36-b8da-945ea66b522c&FULFILLMENT_OPTION_TYPE=CONTAINER&filters=CREATOR%2CFULFILLMENT_OPTION_TYPE) or build your own image using the 2.4.1 source code.
+- For NGINX Plus, use the 2.4.1 images from the F5 Container registry or the AWS Marketplace or build your own image using the 2.4.1 source code.
 - For Helm, use version 0.15.1 of the chart.
 
 <hr>
@@ -1181,7 +1135,7 @@ We will provide technical support for NGINX Ingress Controller on any Kubernetes
 ### <i class="fa-solid fa-download"></i> Upgrade
 
 - For NGINX, use the 2.4.0 images from our [DockerHub](https://hub.docker.com/r/nginx/nginx-ingress/tags?page=1&ordering=last_updated&name=2.4.0), [GitHub Container](https://github.com/nginx/kubernetes-ingress/pkgs/container/kubernetes-ingress) or [Amazon ECR Public Gallery](https://gallery.ecr.aws/nginx/nginx-ingress).
-- For NGINX Plus, use the 2.4.0 images from the F5 Container registry or the [AWS Marketplace](https://aws.amazon.com/marketplace/search/?CREATOR=741df81b-dfdc-4d36-b8da-945ea66b522c&FULFILLMENT_OPTION_TYPE=CONTAINER&filters=CREATOR%2CFULFILLMENT_OPTION_TYPE) or build your own image using the 2.4.0 source code.
+- For NGINX Plus, use the 2.4.0 images from the F5 Container registry or the AWS Marketplace or build your own image using the 2.4.0 source code.
 - For Helm, use version 0.15.0 of the chart. If you're using custom resources like VirtualServer and TransportServer (`controller.enableCustomResources` is set to `true`), after you run the `helm upgrade` command, the CRDs will not be upgraded. After running the `helm upgrade` command, run `kubectl apply -f deployments/helm-chart/crds` to upgrade the CRDs.
 
 ### <i class="fa-solid fa-life-ring"></i> Supported Platforms
@@ -1263,7 +1217,7 @@ We will provide technical support for NGINX Ingress Controller on any Kubernetes
 ### <i class="fa-solid fa-download"></i> Upgrade
 
 - For NGINX, use the 2.3.0 images from our [DockerHub](https://hub.docker.com/r/nginx/nginx-ingress/tags?page=1&ordering=last_updated&name=2.3.0), [GitHub Container](https://github.com/nginx/kubernetes-ingress/pkgs/container/kubernetes-ingress) or [Amazon ECR Public Gallery](https://gallery.ecr.aws/nginx/nginx-ingress).
-- For NGINX Plus, use the 2.3.0 images from the F5 Container registry or the [AWS Marketplace](https://aws.amazon.com/marketplace/search/?CREATOR=741df81b-dfdc-4d36-b8da-945ea66b522c&FULFILLMENT_OPTION_TYPE=CONTAINER&filters=CREATOR%2CFULFILLMENT_OPTION_TYPE) or build your own image using the 2.3.0 source code.
+- For NGINX Plus, use the 2.3.0 images from the F5 Container registry or the AWS Marketplace or build your own image using the 2.3.0 source code.
 - For Helm, use version 0.14.0 of the chart. If you're using custom resources like VirtualServer and TransportServer (`controller.enableCustomResources` is set to `true`), after you run the `helm upgrade` command, the CRDs will not be upgraded. After running the `helm upgrade` command, run `kubectl apply -f deployments/helm-chart/crds` to upgrade the CRDs.
 - When upgrading using [Manifests]({{< ref "/nic/installation/installing-nic/installation-with-manifests.md" >}}), make sure to update the [ClusterRole](https://github.com/nginx/kubernetes-ingress/blob/v2.3.1/deployments/rbac/rbac.yaml). This is required to enable the ExternalDNS for VirtualServer resources integration.
 
@@ -1360,8 +1314,6 @@ the documentation here
 
 We will provide technical support for NGINX Ingress Controller on any Kubernetes platform that is currently supported by its provider and which passes the Kubernetes conformance tests. This release was fully tested on the following Kubernetes versions: 1.19-1.23.
 
-<hr>
-
 ## 2.1.2
 
 29 March 2022
@@ -1373,7 +1325,7 @@ We will provide technical support for NGINX Ingress Controller on any Kubernetes
 ### <i class="fa-solid fa-download"></i> Upgrade
 
 - For NGINX, use the 2.1.2 images from our [DockerHub](https://hub.docker.com/r/nginx/nginx-ingress/tags?page=1&ordering=last_updated&name=2.1.2), [GitHub Container](https://github.com/nginx/kubernetes-ingress/pkgs/container/kubernetes-ingress) or [Amazon ECR Public Gallery](https://gallery.ecr.aws/nginx/nginx-ingress).
-- For NGINX Plus, use the 2.1.2 images from the F5 Container registry or the [AWS Marketplace](https://aws.amazon.com/marketplace/search/?CREATOR=741df81b-dfdc-4d36-b8da-945ea66b522c&FULFILLMENT_OPTION_TYPE=CONTAINER&filters=CREATOR%2CFULFILLMENT_OPTION_TYPE) or build your own image using the 2.1.2 source code.
+- For NGINX Plus, use the 2.1.2 images from the F5 Container registry or the AWS Marketplace or build your own image using the 2.1.2 source code.
 - For Helm, use version 0.12.2 of the chart.
 
 <hr>
@@ -1430,10 +1382,10 @@ We will provide technical support for NGINX Ingress Controller on any Kubernetes
 
 - Full support for gRPC services using the NGINX Ingress Controller [VirtualServer and VirtualServerRoute]({{< ref "/nic/configuration/virtualserver-and-virtualserverroute-resources.md" >}}) custom resource definitions.  This makes configuring and supporting gRPC services much easier, giving a simple YAML configuration and removing the need for snippets. Resource definition examples for gRPC can be found [here](https://github.com/nginx/kubernetes-ingress/tree/v2.1.1/examples/custom-resources/grpc-upstreams).
 
-- Implementation of NGINX mandatory and persistent health checks in VirtualServer and VirtualServerRoute to further reduce interruptions to your service traffic as configuration changes continuously happen in your dynamic Kubernetes environment(s). Health checks have been extended to include `mandatory` and `persistent` fields. Mandatory health checks ensures that a new upstream server starts receiving traffic only after the health check passes. Mandatory health checks can be marked as persistent, so that the previous state is remembered when the Ingress Controller reloads NGINX Plus configuration. When combined with the slow-start parameter, the mandatory health check give a new upstream server more time to connect to databases and “warm up” before being asked to handle their full share of traffic. See the settings [here]({{< ref "/nic/configuration/virtualserver-and-virtualserverroute-resources.md#upstreamhealthcheck" >}}). More about the [NGINX Plus mandatory and persistent health check features](https://docs.nginx.com/nginx/admin-guide/load-balancer/http-health-check/#mandatory-health-checks).
+- Implementation of NGINX mandatory and persistent health checks in VirtualServer and VirtualServerRoute to further reduce interruptions to your service traffic as configuration changes continuously happen in your dynamic Kubernetes environment(s). Health checks have been extended to include `mandatory` and `persistent` fields. Mandatory health checks ensures that a new upstream server starts receiving traffic only after the health check passes. Mandatory health checks can be marked as persistent, so that the previous state is remembered when the Ingress Controller reloads NGINX Plus configuration. When combined with the slow-start parameter, the mandatory health check give a new upstream server more time to connect to databases and “warm up” before being asked to handle their full share of traffic. See the settings [here]({{< ref "/nic/configuration/virtualserver-and-virtualserverroute-resources.md#upstreamhealthcheck" >}}). More about the [NGINX Plus mandatory and persistent health check features]({{< ref "/nginx/admin-guide/load-balancer/http-health-check.md#mandatory-health-checks" >}}).
 Mandatory health checks can be marked as persistent, so that the previous state is remembered when reloading configuration. When combined with the slow-start parameter, it gives a new service pod more time to connect to databases and “warm up” before being asked to handle their full share of traffic.
 See the settings [here]({{< ref "/nic/configuration/virtualserver-and-virtualserverroute-resources.md#upstreamhealthcheck" >}}).
-More about the [NGINX Plus mandatory and persistent health check features](https://docs.nginx.com/nginx/admin-guide/load-balancer/http-health-check/#mandatory-health-checks)
+More about the [NGINX Plus mandatory and persistent health check features]({{< ref "/nginx/admin-guide/load-balancer/http-health-check.md#mandatory-health-checks" >}})
 
 ### <i class="fa-solid fa-rocket"></i> Features
 
@@ -1589,7 +1541,7 @@ Release 2.0.0 includes:
 
      We migrated all our documentation and examples to use `networking.k8s.io/v1` and the `ingressClassName` field of the Ingress resource.
 - *Scalability improvements*. We improved the time for an Ingress Controller pod to become ready and start receiving traffic. This is especially noticeable when you have hundreds of Ingress or other configuration resources like VirtualServers: instead of several minutes or more in rare cases, a pod will become ready within a few minutes.
-- *Documentation improvements* We changed the look and feel of our documentation at <https://docs.nginx.com/nginx-ingress-controller> as well as the underlying publishing technology, which will allow us to bring even more improvements in the next releases.
+- *Documentation improvements* We changed the look and feel of our documentation as well as the underlying publishing technology, which will allow us to bring even more improvements in the next releases.
 - *Upgrade path for k8s.nginx.org/v1alpha1 Policy resource* If you’re running release 1.9.0 and using the k8s.nginx.org/v1alpha1 Policy, the Ingress Controller now supports an upgrade path from v1alpha1 to v1 Policy version without downtime. See UPDATING POLICIES section below.
 
 You will find the complete changelog for release 2.0.0, including bug fixes, improvements, and changes below.
@@ -1686,8 +1638,6 @@ We will provide technical support for NGINX Ingress Controller on any Kubernetes
 - Alternatively, you can also build your own image using the 1.12.1 source code.
 - For Helm, use version 0.10.1 of the chart.
 
-<hr>
-
 ## 1.12.0
 
 30 June 2021
@@ -1851,7 +1801,7 @@ You will find the complete changelog for release 1.11.0, including bug fixes, im
 
 ### <i class="fa-solid fa-download"></i> Upgrade
 
-- For NGINX, use the 1.11.0 image from our DockerHub: `nginx/nginx-ingress:1.11.0`, `nginx/nginx-ingress:1.11.0-alpine` or `nginx-ingress:1.11.0-ubi`
+-- For NGINX, use the 1.11.0 image from our DockerHub: `nginx/nginx-ingress:1.11.0`, `nginx/nginx-ingress:1.11.0-alpine` or `nginx-ingress:1.11.0-ubi`
 - For NGINX Plus, please build your own image using the 1.11.0 source code.
 - For Helm, use version 0.9.0 of the chart.
 - [1241](https://github.com/nginx/kubernetes-ingress/pull/1241) improved the Makefile. As a result, the commands for building the Ingress Controller image were changed. See the updated commands [here]({{< ref "/nic/installation/build-nginx-ingress-controller.md" >}}).
@@ -2029,7 +1979,7 @@ You will find the complete changelog for release 1.9.0, including bug fixes, imp
 - [1120](https://github.com/nginx/kubernetes-ingress/pull/1120) Add RateLimit policy support.
 - [1058](https://github.com/nginx/kubernetes-ingress/pull/1058) Support policies in VS routes and VSR subroutes.
 - [1147](https://github.com/nginx/kubernetes-ingress/pull/1147) Add option to specify other log destinations in AppProtect.
-- [1131](https://github.com/nginx/kubernetes-ingress/pull/1131) Update packages and CRDs to AppProtect 2.0. This update includes features such as: [JSON Schema Validation](https://docs.nginx.com/nginx-app-protect/configuration#applying-a-json-schema), [User-Defined URLs](https://docs.nginx.com/nginx-app-protect/configuration/#user-defined-urls) and [User-Defined Parameters](https://docs.nginx.com/nginx-app-protect/configuration/#user-defined-parameters). See the [release notes](https://docs.nginx.com/nginx-app-protect/releases/#release-2-0) for a complete feature list.
+- [1131](https://github.com/nginx/kubernetes-ingress/pull/1131) Update packages and CRDs to AppProtect 2.0. This update includes features such as: [JSON Schema Validation]({{< ref "/nap-waf/v4/configuration-guide/configuration.md#applying-a-json-schema" >}}), [User-Defined URLs]({{< ref "/nap-waf/v4/configuration-guide/configuration.md#user-defined-urls" >}}) and [User-Defined Parameters]({{< ref "/nap-waf/v4/configuration-guide/configuration.md#user-defined-parameters" >}}). See the [release notes]({{< ref "/nap-waf/v4/releases/about-2.0.md" >}}) for a complete feature list.
 - [1100](https://github.com/nginx/kubernetes-ingress/pull/1100) Add external references to AppProtect.
 - [1085](https://github.com/nginx/kubernetes-ingress/pull/1085) Add installation of threat campaigns package.
 - [1133](https://github.com/nginx/kubernetes-ingress/pull/1133) Add support for IngressClass resources.
@@ -2251,7 +2201,7 @@ FEATURES FOR VIRTUALSERVER AND VIRTUALSERVERROUTE RESOURCES:
 - For NGINX Plus, please build your own image using the 1.7.0 source code.
 - For Helm, use version 0.5.0 of the chart.
 
-When upgrading using the [manifests](/nginx-ingress-controller/installation/installation-with-manifests/), make sure to deploy the new TransportServer CRD (`common/ts-definition.yaml`), as it is required by the Ingress Controller. Otherwise, you will get error messages in the Ingress Controller logs.
+When upgrading using the [manifests]({{< ref "/nic/installation/installing-nic/installation-with-manifests.md" >}}), make sure to deploy the new TransportServer CRD (`common/ts-definition.yaml`), as it is required by the Ingress Controller. Otherwise, you will get error messages in the Ingress Controller logs.
 
 <hr>
 
@@ -2404,4 +2354,4 @@ Otherwise, the helm upgrade will not succeed.
 
 ## Previous Releases
 
-To see the previous releases, see the [Releases page](https://github.com/nginx/kubernetes-ingress/releases) on the Ingress Controller GitHub repo.
+To see the previous releases, see the [Releases page](https://github.com/nginx/kubernetes-ingress/releases) on the Ingress Controller GitHub repo.
\ No newline at end of file
diff --git a/content/nic/tutorials/ingress-path-regex-annotation.md b/content/nic/tutorials/ingress-path-regex-annotation.md
index 73d151bcc..9cee69351 100644
--- a/content/nic/tutorials/ingress-path-regex-annotation.md
+++ b/content/nic/tutorials/ingress-path-regex-annotation.md
@@ -1,17 +1,17 @@
 ---
-docs: DOCS-1451
-doctypes:
-- concept
 title: Ingresses Path Matching Using Path-Regex Annotation
 toc: true
 weight: 1800
+nd-content-type: how-to
+nd-product: NIC
+nd-docs: DOCS-1451
 ---
 
 This document describes how to customize Ingress and Mergeable Ingress types with path-regex annotations.
 
 ## Customizing NGINX Ingress Controller with Path-Regex Annotations
 
-We suggest reading the NGINX [documentation on resolve location priority](https://docs.nginx.com/nginx/admin-guide/web-server/web-server/#nginx-location-priority)
+We suggest reading the NGINX [documentation on resolve location priority]({{< ref "/nginx/admin-guide/web-server/web-server.md#nginx-location-priority" >}})
 to gain additional context about NGINX and NGINX Plus before using the ``path-regex`` annotation.
 
 ## Ingress Type
diff --git a/content/nic/tutorials/nginx-dynamic-module.md b/content/nic/tutorials/nginx-dynamic-module.md
index bdf5da70d..46eb19a3c 100644
--- a/content/nic/tutorials/nginx-dynamic-module.md
+++ b/content/nic/tutorials/nginx-dynamic-module.md
@@ -1,10 +1,10 @@
 ---
-docs: DOCS-1231
-doctypes:
-- concept
 title: Using NGINX Ingress Controller with NGINX Dynamic Modules
 toc: true
 weight: 1800
+nd-content-type: how-to
+nd-product: NIC
+nd-docs: DOCS-1231
 ---
 
 This document describes how to use NGINX Ingress Controller with NGINX dynamic modules.
@@ -13,7 +13,7 @@ This document describes how to use NGINX Ingress Controller with NGINX dynamic m
 
 NGINX Plus has several Dynamic Modules that can add additional features and capabilities to NGINX, which NGINX Ingress Controller can also use. To do this, you must modify your NGINX Ingress Controller image to add a module, then load the updated image.
 
-For more information about Dynamic Modules, you can read [the documentation for NGINX Plus](https://docs.nginx.com/nginx/admin-guide/dynamic-modules/dynamic-modules/).
+For more information about Dynamic Modules, you can read [the documentation for NGINX Plus]({{< ref "/nginx/admin-guide/dynamic-modules/dynamic-modules.md" >}}).
 
 There are two steps involved:
 
diff --git a/content/nic/tutorials/nginx-ingress-istio.md b/content/nic/tutorials/nginx-ingress-istio.md
index 63ab47ff5..0a200ae92 100644
--- a/content/nic/tutorials/nginx-ingress-istio.md
+++ b/content/nic/tutorials/nginx-ingress-istio.md
@@ -1,18 +1,18 @@
 ---
-docs: DOCS-889
-doctypes:
-- concept
 title: NGINX Ingress Controller and Istio Service Mesh
 toc: true
 weight: 1800
+nd-content-type: concept
+nd-product: NIC
+nd-docs: DOCS-889
 ---
 
 NGINX Ingress Controller can be used as the Ingress Controller for applications running inside an Istio service mesh. This allows you to continue using the advanced capabilities that NGINX IC provides on Istio-based environments without resorting to any workarounds.
-This is accomplished using the special setting [use-cluster-ip](https://docs.nginx.com/nginx-ingress-controller/configuration/virtualserver-and-virtualserverroute-resources/#upstream) for the backend.
+This is accomplished using the special setting [use-cluster-ip]({{< ref "/nic/configuration/virtualserver-and-virtualserverroute-resources.md#upstream" >}}) for the backend.
 
 Here is a standard deployment of NGINX Ingress Controller without a sidecar proxy injected into the pod.
 
-{{< img src="./img/nginx_plain.png" alt="NGINX stand alone." >}}
+{{< img src="/nic/nginx_plain.png" alt="NGINX stand alone." >}}
 
 Notice that NGINX Ingress Controller enumerates the pods of the backend service and balances traffic directly to them, granting full control of the backend load balancer and stickiness behavior.
 If your service pods support TLS, then NIC can re-encrypt the traffic to them and provide end-to-end encryption.
@@ -67,7 +67,7 @@ Now, our deployment will look like the following (with Envoy sidecar proxies).
 
 The image below shows how an NGINX Ingress Controller and Istio deployment looks:
 
-{{< img src="./img/nginx-envoy.png" alt="NGINX with envoy sidecar." >}}
+{{< img src="/nic/nginx-envoy.png" alt="NGINX with envoy sidecar." >}}
 
 ## Install NGINX Ingress Controller
 
@@ -111,7 +111,7 @@ spec:
         sidecar.istio.io/inject: 'true'
 ```
 
-{{< img src="./img/nginx_istio_small.png" alt="NGINX Ingress pod with envoy sidecar." >}}
+{{< img src="/nic/nginx_istio_small.png" alt="NGINX Ingress pod with envoy sidecar." >}}
 
 We can now see that after configuring Istio, an Istio sidecar proxy has been installed into the same pod as NGINX Ingress Controller. Now, there are two containers in the same pod for NGINX Ingress Controller: the NGINX Ingress controller container and the Istio sidecar proxy container.
 
diff --git a/content/nic/tutorials/nginx-ingress-linkerd.md b/content/nic/tutorials/nginx-ingress-linkerd.md
index 9910e9ef8..91cba6fd6 100644
--- a/content/nic/tutorials/nginx-ingress-linkerd.md
+++ b/content/nic/tutorials/nginx-ingress-linkerd.md
@@ -1,10 +1,10 @@
 ---
-docs: DOCS-1450
-doctypes:
-- concept
 title: NGINX Ingress Controller and Linkerd
 toc: true
 weight: 1800
+nd-content-type: how-to
+nd-product: NIC
+nd-docs: DOCS-1450
 ---
 
 This document explains how to integrate NGINX Ingress Controller with Linkerd using Linkerd's sidecar proxy. Linkerd works with both NGINX Ingress Controller open source and NGINX Ingress Controller using NGINX Plus.
@@ -37,7 +37,7 @@ You can do this through the use of NGINX Ingress Controller's custom resource de
 
 **Using Manifests**
 
-When installing NGINX Ingress Controller, you can [create a custom resource](https://docs.nginx.com/nginx-ingress-controller/installation/installation-with-manifests/#3-create-custom-resources) for Linkerd.
+When installing NGINX Ingress Controller, you can [create a custom resource]({{< ref "/nic/installation/installing-nic/installation-with-manifests.md#create-optional-custom-resources" >}}) for Linkerd.
 
 ```yaml
 apiVersion: apps/v1
diff --git a/content/nic/tutorials/nginx-ingress-osm.md b/content/nic/tutorials/nginx-ingress-osm.md
index 7c5b55b0b..5b5b61307 100644
--- a/content/nic/tutorials/nginx-ingress-osm.md
+++ b/content/nic/tutorials/nginx-ingress-osm.md
@@ -1,10 +1,10 @@
 ---
-docs: DOCS-1181
-doctypes:
-- concept
 title: NGINX Ingress Controller and Open Service Mesh
 toc: true
 weight: 1800
+nd-content-type: how-to
+nd-product: NIC
+nd-docs: DOCS-1181
 ---
 
 
@@ -12,9 +12,6 @@ This document outlines how to integrate F5 NGINX Ingress Controller with Open Se
 
 Open Service Mesh will work with both versions of [F5 NGINX Ingress controller](https://github.com/nginx/kubernetes-ingress): the free as well as the NGINX Plus versions.
 
-Below is a link to the official F5 NGINX Ingress Controller documentation.
-[F5 NGINX Ingress controller](https://docs.nginx.com/nginx-ingress-controller/)
-
 # Integrating NGINX Ingress Controller with Open Service Mesh
 
 There are two ways to integrate NGINX Ingress Controller with Open Service Mesh (OSM):
@@ -53,8 +50,8 @@ The above command will use the mark the `nginx-ingress` namespace, where OSM wil
 
 Links to the complete install guides:
 
-[Using Helm to install NGINX Ingress](https://docs.nginx.com/nginx-ingress-controller/installation/installation-with-helm/)
-[Using Manifests to install NGINX Ingress](https://docs.nginx.com/nginx-ingress-controller/installation/installation-with-manifests/)
+[Using Helm to install NGINX Ingress]({{< ref "/nic/installation/installing-nic/installation-with-helm.md" >}})
+[Using Manifests to install NGINX Ingress]({{< ref "/nic/installation/installing-nic/installation-with-manifests.md" >}})
 
 When using the sidecar method, ensure that you add the correct annotations listed below. This ensures proper integration of NGINX Ingress Controller with the envoy sidecar proxy.
 
@@ -224,8 +221,8 @@ osm namespace add nginx-ingress --mesh-name osm-nginx --disable-sidecar-injectio
 
 Links to the complete install guides:
 
-[Using Helm to install NGINX Ingress](https://docs.nginx.com/nginx-ingress-controller/installation/installation-with-helm/)
-[Using Manifests to install NGINX Ingress](https://docs.nginx.com/nginx-ingress-controller/installation/installation-with-manifests/)
+[Using Helm to install NGINX Ingress]({{< ref "/nic/installation/installing-nic/installation-with-helm.md" >}})
+[Using Manifests to install NGINX Ingress]({{< ref "/nic/installation/installing-nic/installation-with-manifests.md" >}})
 
 *NOTE*: This method does NOT require annotations added to the deployment, compared to the sidecar install method.
 
diff --git a/content/nic/tutorials/security-monitoring.md b/content/nic/tutorials/security-monitoring.md
index a859b7b58..d41478b06 100644
--- a/content/nic/tutorials/security-monitoring.md
+++ b/content/nic/tutorials/security-monitoring.md
@@ -1,18 +1,18 @@
 ---
-doctypes:
-- concept
 title: Connect NGINX App Protect WAF to NGINX Security Monitoring
 toc: true
 weight: 1800
+nd-content-type: how-to
+nd-product: NIC
 ---
 
 This document explains how to use NGINX Ingress Controller to configure NGINX Agent for sending F5 NGINX App Protect WAF metrics to NGINX Security Monitoring.
 
 ## Prerequisites
 
-This guide assumes that you have an installation of NGINX Instance Manager with [NGINX Security Monitoring](https://docs.nginx.com/nginx-instance-manager/monitoring/security-monitoring/deploy/install-security-monitoring/) which is reachable from the Kubernetes cluster on which NGINX Ingress Controller is deployed.
+This guide assumes that you have an installation of NGINX Instance Manager with NGINX Security Monitoring which is reachable from the Kubernetes cluster on which NGINX Ingress Controller is deployed.
 
-If you use custom container images, NGINX Agent must be installed along with NGINX App Protect WAF. See the [Dockerfile](https://github.com/nginx/kubernetes-ingress/tree/v{{< nic-version >}}/build/Dockerfile) for examples of how to install NGINX Agent or the [NGINX Agent installation documentation](https://docs.nginx.com/nginx-agent/installation-upgrade/) for more information.
+If you use custom container images, NGINX Agent must be installed along with NGINX App Protect WAF. See the [Dockerfile](https://github.com/nginx/kubernetes-ingress/tree/v{{< nic-version >}}/build/Dockerfile) for examples of how to install NGINX Agent or the [NGINX Agent installation documentation]({{< ref "/agent/installation-upgrade/" >}}) for more information.
 
 ## Deploying NGINX Ingress Controller with NGINX Agent configuration
 
@@ -74,7 +74,7 @@ If you use custom container images, NGINX Agent must be installed along with NGI
           syslog_ip: 127.0.0.1
           syslog_port: 1514
    ```
-   See the [NGINX Agent Configuration Overview](https://docs.nginx.com/nginx-agent/configuration/configuration-overview/) for more configuration options.
+   See the [NGINX Agent Configuration Overview]({{< ref "/agent/configuration/configuration-overview.md" >}}) for more configuration options.
 
 {{< note >}} The `features` list must not contain `nginx-config-async` or `nginx-ssl-config` as these features can cause conflicts with NGINX Ingress Controller.{{< /note >}}
 
diff --git a/content/nic/usage-reporting.md b/content/nic/usage-reporting.md
index 0690a2679..f756237bc 100644
--- a/content/nic/usage-reporting.md
+++ b/content/nic/usage-reporting.md
@@ -4,9 +4,9 @@ toc: true
 weight: 1800
 noindex: true
 headless: true
-type: how-to
-product: NIC
-docs: DOCS-1445
+nd-content-type: how-to
+nd-product: NIC
+nd-docs: DOCS-1445
 ---
 
 {{< important >}}
@@ -32,8 +32,8 @@ To use Usage Reporting, you must have access to NGINX Instance Manager. For more
 
 To deploy Usage Reporting, you must have the following:
 
-- [NGINX Ingress Controller](https://docs.nginx.com/nginx-ingress-controller) 3.2.0 - 3.7.2
-- [NGINX Instance Manager](https://docs.nginx.com/nginx-instance-manager) 2.11.0 or later
+- [NGINX Ingress Controller]({{< ref "/nic/" >}}) 3.2.0 - 3.7.2
+- [NGINX Instance Manager]({{< ref "/nim/" >}}) 2.11.0 or later
 
 In addition to the software requirements, you will need:
 
@@ -49,12 +49,12 @@ In addition to the software requirements, you will need:
 
 Usage Reporting needs a user account to send usage data to NGINX Instance Manager: these are the steps involved.
 
-1. Create a role following the steps in [Create a Role](https://docs.nginx.com/nginx-instance-manager/admin-guide/rbac/create-roles/#create-roles) section of the NGINX Instance Manager documentation. Select these permissions in step 6 for the role:
+1. Create a role following the steps in [Create a Role]({{< ref "/nim/admin-guide/rbac/create-roles.md#create-roles" >}}) section of the NGINX Instance Manager documentation. Select these permissions in step 6 for the role:
    - Module: Instance Manager
    - Feature: NGINX Plus Usage
    - Access: CRUD
 
-1. Create a user account following the steps in [Add Users](https://docs.nginx.com/nginx-instance-manager/admin-guide/rbac/assign-roles/#assign-roles-to-users-basic-authentication) section of the NGINX Instance Manager documentation. In step 5, assign the user to the role created above. Note that currently only "basic auth" authentication is supported for usage reporting purposes.
+1. Create a user account following the steps in [Add Users]({{< ref "/nim/admin-guide/rbac/assign-roles.md#assign-roles-to-users-basic-authentication" >}}) section of the NGINX Instance Manager documentation. In step 5, assign the user to the role created above. Note that currently only "basic auth" authentication is supported for usage reporting purposes.
 
 ---
 
@@ -152,6 +152,7 @@ Usage Reporting sends the number of NGINX Ingress Controller instances and nodes
 ```shell
 curl --user "foo:bar" https://nms.example.com/api/platform/v1/k8s-usage
 ```
+
 ```json
 {
   "items": [
@@ -212,6 +213,7 @@ You can query the usage data for a specific cluster by specifying the cluster ui
 ```shell
 curl --user "foo:bar" https://nms.example.com/api/platform/v1/k8s-usage/d290f1ee-6c54-4b01-90e6-d701748f0851
 ```
+
 ```json
 {
   "metadata": {