We describe three progressively more secure ways to protect SSL private keys when configuring NGINX to handle HTTPS traffic: allowing read access only to the root user, encrypting keys with separately stored passwords, and distributing passwords from a central repository.
Owen Garrett leads the product and go-to-market strategy for NGINX’s web acceleration and delivery technologies. Owen has over 15 years of experience in software engineering and product leadership at companies such as Riverbed. Today, Owen uses his technical and management expertise to optimize NGINX products and customer satisfaction.
"Service mesh" is a hot topic, but as of early 2019 most implementations are not production-ready. In this blog we offer advice on adopting existing technologies that are likely to meet the needs of all but the most complex applications until such time as service mesh is more mature.
The latest version of the TLS protocol, TLS 1.3, was just released in August 2018. TLS 1.3 is faster and more secure than TLS 1.2. In this webinar we cover what’s new in TLS 1.3 and how to use it with NGINX, plus other new features in NGINX Open Source and NGINX Plus.
Join us to hear about valuable insights from our customers who have used the NGINX MRA. Learn about our approach to a service mesh solution based on our control plane, NGINX Controller, new tool to migrate faster to KuberNetes as well as new Professional Services offerings.
Release 1.4.0 of the NGINX Ingress Controller for Kubernetes includes support for TCP and UDP load balancing and a "power of two choices" load-balancing algorithm (Random with Two Choices), extended Prometheus support, and easy development of custom Annotations.
The Random with Two Choices load-balancing algorithm is NGINX's implementation of the "power of two choices" method. This biased random algorithm has been shown to be effective at balancing loads when each load balancer has an incomplete or delayed view of the traffic.
Software has replaced hardware in many application delivery stacks, but a set of single-purpose solutions is nearly as complex and hard to manage as hardware. NGINX Plus consolidates API gateway and load balancing functions into a single, lightweight platform.
In this webinar we discuss how to install the OWASP Core Rule Set (CRS) w/ NGINX & ModSecurity. The CRS protects against many types of attack, including SQL Injection (SQLi), Local File Inclusion (LFI), & Remote Code Execution (RCE).
When Security-Enhanced Linux (SELinux) is enabled for Red Hat Enterprise Linux (RHEL) and related distros, its default settings prevent NGINX and NGINX Plus from performing some operations. This article explains how to modify SELinux settings to permit full functionality.
NGINX has released version 1.3.0 of the NGINX Ingress Controller for Kubernetes. This release features Prometheus support, better Helm charts, mergeable Ingress resources, easier custom template management, health checks, and status reporting. Come to Github and get it.