Today we are pleased to announce the availability of NGINX Open Source 1.15.2. One key feature in this release is the new $ssl_preread_protocol variable, which allows you to distinguish between SSL/TLS and other protocols when forwarding traffic using a TCP (stream) proxy. This is useful if you want to avoid firewall restrictions by (for example) running…
Continue reading ›Top 5 NGINX Blog Posts for 2017 – R12, Microservices, & More
neophile (n): an enthusiast for what is new or novel What was most popular in the NGINX blog this year? Looking at our top blog posts, we see that new NGINX Plus releases, microservices, security, and load balancing are all big hits, along with the NGINX Application Platform. 1. NGINX Plus R12 The NGINX Plus R12 release was…
Continue reading ›Optimizing Web Servers for High Throughput and Low Latency
This post is adapted from a presentation at nginx.conf 2017 by Alexey Ivanov of Dropbox. You can view the complete presentation on YouTube. Table of Contents Introduction 1:45 Disclaimers 3:13 Hardware 4:30 Kernel 7:20 Network Cards 11:40 Network Stack 14:45 Sysctl Tuning Do’s and Don’ts 16:10 Libraries 18:13 TLS 20:42 NGINX 22:30 Buffering 24:41 TLS with…
Continue reading ›Update: Using Free Let’s Encrypt SSL/TLS Certificates with NGINX
Editor – This is an update to a previous blog post about using Let's Encrypt certificates with NGINX. This blog covers the newly added NGINX support in certbot. Also see our blog post from nginx.conf 2015, in which Peter Eckersley and Yan Zhu of the Electronic Frontier Foundation introduce the then‑new Let's Encrypt certificate authority. It's well known that SSL/TLS encryption…
Continue reading ›Running Microservices on OpenShift with the NGINX MRA’s Fabric Model
[ngx_snippet name='table-style-blog'] Kubernetes has become a popular container platform for running microservices applications. It provides many important features, such as fault tolerance, load balancing, service discovery, autoscaling, rolling upgrades, and others. These features allow you to seamlessly develop, deploy, and manage containerized applications across a cluster of machines. Red Hat's OpenShift 3 is a container platform…
Continue reading ›nginx.conf 2016 Preview 2: Customer and Partner Speakers
nginx.conf 2016 is happening September 7–9, less than a month away. Sign up today via this link for a $400 discount plus another 25% off! The first two days – Wednesday, September 7 and Thursday, September 8 – are the regular conference, with sessions and exhibitor booths. We will also have two of the most popular attractions at every NGINX…
Continue reading ›nginx.conf 2016 Preview 1: NGINX Speakers
nginx.conf 2016 is only two months away! The early bird rate is still available until Friday, July 22, so sign up today. On Wednesday, September 7 and Thursday, September 8, you'll enjoy conference sessions and exhibitor booths. The NGINX booth will be staffed by key NGINXers, including developers from our Moscow office! On Friday, September 9, we’ll offer training…
Continue reading ›Let’s Encrypt: TLS for NGINX
The following is adapted from a presentation given by Yan Zhu and Peter Eckersley from the Electronic Frontier Foundation (EFF) at nginx.conf 2015, held in San Francisco in September. You can watch the video of the complete talk on YouTube. Table of Contents 0:00 Introduction 0:29 Problem #1 – TLS is Not Ubiquitous 2:10 Problem #2 – Setting up TLS 2:52 How Long…
Continue reading ›NGINX + HTTPS 101: The Basics & Getting Started
This post is adapted from a webinar presented by Nick Sullivan of CloudFlare at nginx.conf 2015 in September. You can view a recording of the presentation on NGINX, Inc. YouTube channel. Table of Contents 0:00 NGINX + HTTPS 101 Overview 1:00 What is HTTPS? 2:02 SSL Handshake 3:05 Why Set Up HTTPS? 4:51 What Are the…
Continue reading ›HTTP Strict Transport Security (HSTS) and NGINX
Netcraft recently published a study of the SSL/TLS sites they monitor, and observed that only 5% of them correctly implement HTTP Strict Transport Security (HSTS). This article describes how to configure NGINX and NGINX Plus to implement an HSTS policy. What is HSTS? HTTPS (HTTP encrypted with SSL or TLS) is an essential part of the…
Continue reading ›
