NGINX can help you protect your apps against the Log4Shell vulnerability in Apache log4j (CVE-2021-44228), with NGINX App Protect, NGINX ModSecurity WAF, or a script using the NGINX JavaScript Module.
Improving NGINX Performance with Kernel TLS and SSL_sendfile( )
NGINX Open Source 1.21.4 introduces support for kernel TLS (kTLS), which boosts performance by significantly reducing the need to copy data between user space and the kernel. We provide complete instructions for enabling kTLS in NGINX and share results of our performance testing.
Announcing NGINX Plus R25
NGINX Plus R25 introduces more sophisticated authentication use cases with JWT, JWS, and JWE; counts of individual HTTP status codes; dynamic certificate loading for mTLS with upstream servers; hardened security for HTTP request processing; and NGINX JavaScript enhancements.
Bringing F5 and NGINX WAF Policies into Controller App Security
With NGINX Controller App Security for version 3.20 of the Application Delivery Module, you can now import your custom F5 Advanced WAF and NGINX App Protect WAF policies and distribute them across all your managed deployments. We call this Bring Your Own NGINX App Protect WAF Policy.
A New, Open Source Modern Apps Reference Architecture
We announce the Modern Apps Reference Architecture, an open source architecture and deployment model for modern apps deployed in Kubernetes.
Fortifying APIs with Advanced Security
The NGINX Controller App Security add-on for Controller API Management provides an app-centric, self-service way for app teams to boost their API security with integrated WAF protection. Security teams can still define policies and monitor APIs for compliance.
NGINX Is Available in AWS Marketplace for Containers
It's easier than ever to set up a production-grade Kubernetes deployment in AWS. Purchase the NGINX Plus-based version of NGINX Ingress Controller, with or without NGINX App Protect, directly from AWS Marketplace for Containers.
Updating Configurations and Managing Certificates at Scale with NGINX Instance Manager
NGINX Instance Manager version 1.0 introduces two new features. Tagging on NGINX instances and user roles enables you to apply configuration to an entire group at once. The certificate scan detects expiring certificates so you can replace them to ensure uninterrupted service.
Now the World's #1 Web Server, NGINX Looks Forward to an Even Brighter Future
NGINX recently became the most popular web server in the world, according to W3Techs. We're profoundly grateful to the NGINX community, who've brought us to this milestone, and look forward to providing even more tools to help you optimize delivery of your modern and cloud-native apps.
Updating NGINX for a DNS Resolver Vulnerability (CVE-2021-23017)
We have released updates to NGINX Open Source, NGINX Plus, and NGINX Ingress Controller to fix a vulnerability in DNS resolution (CVE-2021-23017). We consider the vulnerability to be low-severity, but encourage users to upgrade to the latest versions.