The OpenSSL project announced fixes to 7 security vulnerabilities on 5 June 2014. An update to OpenSSL is generally sufficient to address this.
NGINX Plus R13, with more dynamic deployments, enhanced debugging, and improved security, is now available free to NGINX Plus subscribers
The Meltdown and Spectre vulnerabilities stem from commonly found security flaws in microprocessors. They require patches to most OSs.
Take advantage of the early bird discount for nginx.conf 2016 now! Read about customer and partner speakers in this blog post.
Learn how to secure resources with NGINX and NGINX Plus, by requiring clients to include a hashed value in request URLs, optionally with an expiration date
NGINX Plus R10 adds support for the JSON Web Token (JWT) standard. Learn how to use JWTs and OpenID Connect to control access to your applications.
The current GPG key for NGINX, Inc. products expires on August 17, 2016. Learn how to update the key so you can continue to verify software signatures.
Use NGINX/NGINX Plus to prevent the HTTPoxy vulnerability, which attacks CGI and FastCGI-like application interfaces, from being exploited on your servers.