F5 NGINX is proud to sponsor two open source organizations that are key to improving security on the Internet: Let's Encrypt and OpenSSL. Learn more about what they do.
DROWN Vulnerability CVE-2016-0800 in OpenSSL Misses Most NGINX Users
The DROWN vulnerability in OpenSSL, CVE-2016-0800, does not affect most NGINX users. See this article for details and preventative steps.
Announcing an Early Alpha Patch for HTTP/2
This blog post provides an overview of an early alpha patch to enable HTTP/2 support in NGINX. Installation instructions are also provided.
Protecting NGINX Against the June 2015 OpenSSL Vulnerability (CVE-2015-1793)
Learn how to protect NGINX against the OpenSSL vulnerability announced in June 2015 (CVE-2015-1793)
NGINX and the 5 June 2014 OpenSSL Security Advisory
The OpenSSL project announced fixes to 7 security vulnerabilities on 5 June 2014. An update to OpenSSL is generally sufficient to address this.
NGINX and the Heartbleed Vulnerability
Read this important information about what should be checked in regards to NGINX and OpenSSL installation with the Heartbleed vulnerability in the wild