Category: News

NGINX can help you protect your apps against the Log4Shell vulnerability in Apache log4j (CVE-2021-44228), with NGINX App Protect, NGINX ModSecurity WAF, or a script using the NGINX JavaScript Module.

NGINX Open Source 1.21.4 introduces support for kernel TLS (kTLS), which boosts performance by significantly reducing the need to copy data between user space and the kernel. We provide complete instructions for enabling kTLS in NGINX and share results of our performance testing.

NGINX Plus R25 introduces more sophisticated authentication use cases with JWT, JWS, and JWE; counts of individual HTTP status codes; dynamic certificate loading for mTLS with upstream servers; hardened security for HTTP request processing; and NGINX JavaScript enhancements.

With NGINX Controller App Security for version 3.20 of the Application Delivery Module, you can now import your custom F5 Advanced WAF and NGINX App Protect WAF policies and distribute them across all your managed deployments. We call this Bring Your Own NGINX App Protect WAF Policy.

We announce the Modern Apps Reference Architecture, an open source architecture and deployment model for modern apps deployed in Kubernetes.

The NGINX Controller App Security add-on for Controller API Management provides an app-centric, self-service way for app teams to boost their API security with integrated WAF protection. Security teams can still define policies and monitor APIs for compliance.

It's easier than ever to set up a production-grade Kubernetes deployment in AWS. Purchase the NGINX Plus-based version of NGINX Ingress Controller, with or without NGINX App Protect, directly from AWS Marketplace for Containers.

NGINX Instance Manager version 1.0 introduces two new features. Tagging on NGINX instances and user roles enables you to apply configuration to an entire group at once. The certificate scan detects expiring certificates so you can replace them to ensure uninterrupted service.

NGINX recently became the most popular web server in the world, according to W3Techs. We're profoundly grateful to the NGINX community, who've brought us to this milestone, and look forward to providing even more tools to help you optimize delivery of your modern and cloud-native apps.

We have released updates to NGINX Open Source, NGINX Plus, and NGINX Ingress Controller to fix a vulnerability in DNS resolution (CVE-2021-23017). We consider the vulnerability to be low-severity, but encourage users to upgrade to the latest versions.