We provide guidance on using NGINX to mitigate the recently discovered vulnerability in PHP-FPM (CVE-2019-11043). The vulnerability is triggered when the PATH_INFO variable passed to PHP-FPM with an invalid value, which can happen in a common NGINX configuration.
NGINX Unit 1.11.0 Is Now Available, Introduces Static File Serving
NGINX Unit 1.11.0 introduces support for static file serving, a much requested feature ever since NGINX Unit debuted. It also includes application (process) isolation using Linux namespaces and a WebSocket server implementation for Java Servlet Containers. NGINX Unit 1.12.0 adds support for PHP 7.4.
NGINX Announces New Versions of Open Source, Commercial, and Partner Solutions, Helping Businesses Evolve Apps for the Digital Era
From NGINX Conf 2019, kicking off today in Seattle, Gus Robertson outlines F5's vision for the future of the NGINX Application Platform. He previews innovations that will enable apps to sense, think, and respond like living organisms in the next wave of digital transformation.
Announcing NGINX Plus R19
NGINX Plus R19 extends our monitoring capabilities, both with a larger set of metrics and new ways to analyze them; adds a dry-run mode for testing the effect of rate limiting; enhances the key-value store to support IP address ranges; and makes rate limiting more dynamic.
NGINX Updates Mitigate the August 2019 HTTP/2 Vulnerabilities
We have released updates to NGINX Open Source and NGINX Plus to fix vulnerabilities in the HTTP/2 protocol that were announced today (CVE-2019-9511, CVE-2019-9513, and CVE-2019-9516). Upgrade as soon as possible to NGINX 1.17.3, NGINX 1.16.1, or NGINX Plus R18 P1.
NGINX Is Now Officially Part of F5
NGINX is now officially a part of F5. In his new role as head of the NGINX business unit at F5, Gus Robertson outlines the value of merging the people, culture, and vision of the two companies as we work together to enhance NGINX's open source and commercial offerings.
Announcing New Cloud Marketplace and Module Solutions for NGINX and NGINX Plus
NGINX is expanding its offerings for the public cloud. Enhancements include support for Amazon EC2 A1 Instances, CentOS 8, and RHEL 8; the NGINX Plus Enterprise Edition; a developer marketplace in partnership with DigitalOcean; and new NGINX Plus Certified Modules.
Announcing NGINX Plus R18
NGINX Plus R18 introduces dynamic loading of SSL/TLS certificates, enhances our OpenID Connect reference implementation, and supports port ranges for virtual servers. It also includes enhancements to the key-value store, health checks, NGINX Plus clustering, and the NGINX JavaScript module.
NGINX to Join F5: Proud to Finish One Chapter and Excited to Start the Next
F5 and NGINX today announced an agreement under which F5 will acquire NGINX for approximately $670 million. Hear from NGINX CEO Gus Robertson on why NGINX + F5 is a powerful combination that will ‘bridge the divide’ between NetOps and DevOps.
NGINX Unit 1.8.0 Is Now Available, Introduces Internal Routing
NGINX Unit 1.8.0 introduces internal routing of requests based on host, URL, and HTTP method, This sets the framework for full Layer 7 request processing, necessary for further development of Unit's web server functionality.