We compare the performance of the community, NGINX Open Source, and NGINX Plus Ingress Controllers in a dynamic Kubernetes cloud environment. As the number of Pod replicas scales up and down, only the NGINX Plus Ingress Controller doesn't incur high latencies.
Addressing a DoS Vulnerability (CVE-2020-15598) in ModSecurity
On 14 September 2020 we released an update to the NGINX Plus ModSecurity module (for NGINX Plus R20, R21, and R22) in response to CVE-2020-15598. We encourage NGINX Plus subscribers to upgrade to the patched module.
Why DNS Is Critical for Modern Application Deployments
We discuss how you can use a DNS service like F5 DNS Load Balancer Cloud service to implement three methods for seamlessly and safely deploying application updates to production environments: blue-green, rolling blue-green, and canary releases.
Setting Up App Security as-a-Service for NGINX in Under 5 Minutes with F5 Essential App Protect
F5 Essential App Protect is a simple, pay-as-you-go, SaaS-based security service for securing apps proxied by NGINX and NGINX Plus. Based on F5’s 20+ years of app security expertise, it's a DevOps-ready service that protects against the security threats faced by modern apps.
Achieving FIPS Compliance with NGINX Plus
We explain how to run NGINX Plus in compliance with the FIPS 140-2 Security Requirements for Cryptographic Modules standard, which specifies the cryptographic protocols that are accepted by the U.S. Federal government and many other organizations.
Integrating Fortanix Self-Defending KMS with NGINX and NGINX Plus
With the Fortanix Self-Defending Key Management Service, you can offload TLS crytographic processing from your NGINX and NGINX Plus servers, and safely store your TLS keys for on-demand uploading into the NGINX Plus key-value store. We provide complete instructions for both use cases.
A Reference Architecture for Real-Time APIs
We present a reference architecture for real-time APIs, based on work with NGINX’s largest, most demanding customers. We encompass all aspects of the API management solution but go deeper on the API gateway which is responsible for ensuring real-time performance.
Filesystem Isolation in NGINX Unit
We explore two use cases for filesystem isolation in NGINX Unit. First, we stop attackers from accessing sensitive information, by restricting a compromised app to its sandbox directory. Second, we toggle between sets of global dependencies by defining them in separate filesystems.
Securing Your Apps in Kubernetes with NGINX App Protect
With NGINX Plus Ingress Controller for Kubernetes release 1.8.0, NGINX App Protect can be embedded in the Ingress Controller. This puts WAF protection closer to applications, which is crucial in modern app environments like Kubernetes. It also enables automation and reduces complexity and cost.
Optimize Your NGINX Plus Deployment with Arm-Based Amazon EC2 M6g Instances
Amazon EC2 M6g instances deliver 54% better performance and 20% cost savings over x86-based instances with NGINX Plus as a reverse proxy and API gateway. They're powered by the AWS Graviton2 Processor, built on 64‑bit Arm Neoverse cores. Get all the details in Arm's whitepaper.