We provide guidance on using NGINX to mitigate the recently discovered vulnerability in PHP-FPM (CVE-2019-11043). The vulnerability is triggered when the PATH_INFO variable passed to PHP-FPM with an invalid value, which can happen in a common NGINX configuration.

NGINX Unit 1.11.0 introduces support for static file serving, a much requested feature ever since NGINX Unit debuted. It also includes application (process) isolation using Linux namespaces and a WebSocket server implementation for Java Servlet Containers. NGINX Unit 1.12.0 adds support for PHP 7.4.

NGINX Plus R19 extends our monitoring capabilities, both with a larger set of metrics and new ways to analyze them; adds a dry-run mode for testing the effect of rate limiting; enhances the key-value store to support IP address ranges; and makes rate limiting more dynamic.

We have released updates to NGINX Open Source and NGINX Plus to fix vulnerabilities in the HTTP/2 protocol that were announced today (CVE-2019-9511, CVE-2019-9513, and CVE-2019-9516). Upgrade as soon as possible to NGINX 1.17.3, NGINX 1.16.1, or NGINX Plus R18 P1.

NGINX is now officially a part of F5. In his new role as head of the NGINX business unit at F5, Gus Robertson outlines the value of merging the people, culture, and vision of the two companies as we work together to enhance NGINX's open source and commercial offerings.

NGINX is expanding its offerings for the public cloud. Enhancements include support for Amazon EC2 A1 Instances, CentOS 8, and RHEL 8; the NGINX Plus Enterprise Edition; a developer marketplace in partnership with DigitalOcean; and new NGINX Plus Certified Modules.

NGINX Plus R18 introduces dynamic loading of SSL/TLS certificates, enhances our OpenID Connect reference implementation, and supports port ranges for virtual servers. It also includes enhancements to the key-value store, health checks, NGINX Plus clustering, and the NGINX JavaScript module.

F5 and NGINX today announced an agreement under which F5 will acquire NGINX for approximately $670 million. Hear from NGINX CEO Gus Robertson on why NGINX + F5 is a powerful combination that will ‘bridge the divide’ between NetOps and DevOps.

NGINX Unit 1.8.0 introduces internal routing of requests based on host, URL, and HTTP method, This sets the framework for full Layer 7 request processing, necessary for further development of Unit's web server functionality.

The NGINX Controller API Management Module is next-generation solution for defining and publishing APIs, managing and securing API traffic, monitoring performance, and analyzing usage. In short, it manages the entire lifecycle of APIs without compromising performance.