NGINX Blog

NGINX announces the latest branches of NGINX Open Source, the stable 1.16 branch and the mainline 1.17 branch. New to the stable branch are improvements to UDP proxying, the Random load‑balancing method, support for TLS 1.3 early data, dynamic loading of SSL certificates, and more.

NGINX and NGINX Plus can act as an OAuth 2.0 Relying Party, sending access tokens to the Idenity Provider for validation and only proxying requests that pass the validation process.

NGINX is now officially a part of F5. In his new role as head of the NGINX business unit at F5, Gus Robertson outlines the value of merging the people, culture, and vision of the two companies as we work together to enhance NGINX's open source and commercial offerings.

NGINX is expanding its offerings for the public cloud. Enhancements include support for Amazon EC2 A1 Instances, CentOS 8, and RHEL 8; the NGINX Plus Enterprise Edition; a developer marketplace in partnership with DigitalOcean; and new NGINX Plus Certified Modules.

In this blog we compare the performance of the NGINX Controller API Management Module and Kong. The API Management Module outperforms Kong on every metric: added latency, API calls per second (with and without JWT authentication), and CPU usage.

In this installment of our "Ask NGINX" series, we discuss how NGINX and NGINX Plus work with Diffie-Hellman, support for Datagram Transport Layer Security, how to control the lifetime of content in the cache, and how to add the NGINX WAF to an NGINX Plus subscription.

Registration is now open for NGINX Conf 2019, taking place on September 9 and 10 in Seattle, WA. Join us for keynotes from industry luminaries and NGINX experts, technical and business breakout sessions, and opportunities to share tips on best practices with fellow NGINX users.

With NGINX conditional logging, you can log a subset of requests which have defined characteristics. This blog uses it to solve a real-world customer use case: the need to reject obsolete and insecure SSL/TLS ciphers without excluding legitimate users of legacy devices.

Is your API management solution secure when vulnerabilities are found? The NGINX team builds patches into the NGINX Controller API Management Module as soon as they're available. Third-party solutions built on NGINX can leave you vulnerable while vendors test and port patches.

The second post of our series about protecting SSL private keys shows how to set up HashiCorp Vault to store the passwords that protect private keys, and to configure NGINX to retrieve the passwords. We also discuss using a hardware security module for even greater security.