NGINX recently became the most popular web server in the world, according to W3Techs. We're profoundly grateful to the NGINX community, who've brought us to this milestone, and look forward to providing even more tools to help you optimize delivery of your modern and cloud-native apps.

We have released updates to NGINX Open Source, NGINX Plus, and NGINX Ingress Controller to fix a vulnerability in DNS resolution (CVE-2021-23017). We consider the vulnerability to be low-severity, but encourage users to upgrade to the latest versions.

NGINX Service Mesh is officially production-ready! NGINX Service Mesh is free, optimized for developers, and the lightest, easiest way to implement mTLS and end-to-end encryption in Kubernetes for both ingress-egress and and service-to-service traffic.

NGINX Plus R24 introduces support for encrypted JSON Web Tokens (JWE) and integration with F5 Device ID+. The NGINX JavaScript module reaches an important milestone with support for response filtering and use of HTTP-based authentication services for TCP/UDP connections.

NGINX Ingress Controller now offers enhanced TCP/UDP load balancing with support for snippets, health checks, and multiple TransportServer resources. Release 1.11.0 also introduces a WAF policy for easier configuration of NGINX App Protect, Istio compatibility, and more.

The more ways you leverage the power of NGINX, the more of challenge it can be to track and manage the NGINX Open Source and NGINX Plus instances across your infrastructure. Introducing NGINX Instance Manager, one tool for tracking, configuring, and monitoring NGINX at scale.

NGINX, a part of F5, Inc., is pleased to announce that we have become the first Gold sponsor of the OWASP ModSecurity Core Rule Set (CRS) project. We look forward to working with the CRS team and helping ensure the CRS project’s long-term success.

NGINX Ingress Controller now supports single sign-on with OpenID Connect. Release 1.10.0 also introduces new configuration queue metrics, annotations on log entries, better validation of annotations and secrets, support for NGINX App Protect user-defined signatures, and more.

Since our last update, the NGINX Unit team has released three versions, 1.19.0 through 1.21.0. New features include support for ASGI with Python, multi-threading with several languages (Java, Perl, Python, Ruby), regular expressions in routing conditions, and more.

We introduce the NGINX Controller App Security add-on for Controller Application Delivery, which provides an app-centric, self-service way for app teams to enable WAF protection for their apps, while security teams can still define policies and monitor apps for compliance.