NGINX Plus Technical Specifications

NGINX Plus is available in binary form only; it is not available in source form.
Please inquire for additional platforms and modules.

Supported Distributions

12.04 LTS (i386, x86_64)
14.04 LTS (i386, x86_64, aarch64)
16.04 LTS (i386, x86_64, ppc64le)
16.10 (i386, x86_64)

Platform Limitations
12.04 LTS: nginx-plus-module-geoip2 & nginx-plus-module-modsecurity not available
14.04 LTS: nginx-plus-module-geoip2 not available
16.04 LTS: nginx-plus-module-modsecurity not available for ppc64le platform
16.10: nginx-plus-module-modsecurity not available
CentOS
5.10+, 6.5+ (i386, x86_64)
7.0+ (x86_64)

Platform Limitations
5.10+: nginx-plus-module-geoip2, nginx-plus-module-modsecurity & nginx-plus-module-passenger not available; HTTP/2 not supported by OS OpenSSL library
6.5+: nginx-plus-module-modsecurity not available; see this advisory when upgrading to version 6.6
9.3, 10.1+, 11.0 (amd64)

Platform Limitations
9.3: nginx-plus-module-modsecurity not available
5.10+, 6.5+ (i386, x86_64)
7.0+ (x86_64)

Platform Limitations
5.10+: nginx-plus-module-geoip2, nginx-plus-module-modsecurity & nginx-plus-module-passenger not available; HTTP/2 not supported by OS OpenSSL library
6.5+: nginx-plus-module-modsecurity not available; see this advisory when upgrading to version 6.6
Red Hat
5.10+, 6.5+ (i386, x86_64)
7.0+ (x86_64, ppc64le)

Platform Limitations
5.10+: nginx-plus-module-geoip2, nginx-plus-module-modsecurity & nginx-plus-module-passenger not available; HTTP/2 not supported by OS OpenSSL library
6.5+: nginx-plus-module-modsecurity not available; see this advisory when upgrading to version 6.6
7.0: nginx-plus-module-geoip2 not available for ppc64le platform
7.0, 8.0 (i386, x86_64)

Platform Limitations
7.0, 8.0: nginx-plus-module-geoip2 not available
SUSE Linux Enterprise Server
12, 12 SP1 (x86_64)

Platform Limitations
12, 12 SP1: nginx-plus-module-geoip2 not available
2016.03+ (x86_64)

Supported Deployment Environments

Deploy NGINX Plus in hardware supported environments.
Hardware
Deploy NGINX Plus in a virtual machine or container supported environment.
Virtual Machine or Container
NGINX Plus can be deployed in cloud environments.
Cloud

NGINX Plus Features

A complete set of web serving, proxying, acceleration, and load-balancing capabilities for HTTP-based, TCP-based, and UDP-based services. A complete list of NGINX Plus feature releases can be found in our Admin Guide.

Protocols and Performance
  • HTTP/1.1, HTTP/2, HTTPS, WebSocket
  • IMAP, POP3, SMTP with HTTPS and external HTTP-based authentication
  • IPv4 and IPv6
  • 1 million concurrent connections
  • 10,000+ virtual servers multi-tenancy
  • Connection multiplexing pools for low-latency communications
Load Balancing
  • Full Layer 7 reverse proxy
  • Load balancing of HTTP traffic, including HTTP, HTTPS, FastCGI, memcached, SCGI, uWSGI
  • Load balancing of TCP traffic
  • Load balancing of UDP traffic
  • URL/URI content-based request routing
  • Reverse proxy and load balancer with choice of algorithms (Round Robin, Hash, IP Hash, Least Connections, Least Time)
  • Session persistence with cookie-insert, session-learn, and defined-route methods
  • Session draining for easy maintenance
  • Health monitoring of backend applications with synthetic transactions and slow start
High Availability
  • Active-standby clusters using VRRP (keepalived)
  • Live binary upgrades to eliminate downtime
  • Graceful restart with non-stop request processing
Security
  • Bandwidth, connection, and request policing for HTTP and TCP services
  • Protocol isolation and request filtering
  • Header scrubbing and manipulation
  • IP-based access control lists (ACLs)
  • Proxying requests with NTLM authentication
  • ModSecurity WAF available as dynamically loadable module at additional cost
  • Native support for JSON Web Token (JWT)
Edge Cache and Origin Server
  • Content offload and caching
  • Lightweight cache revalidation
  • Support for Vary field in HTTP header to control caching
  • Serving of cached (stale) content when origin server fails
  • On-the-fly content compression and optimization
  • Segmenting large files into byte ranges, for more efficient caching
  • HTTP video streaming with support for FLV, HDS, HLS, and MP4 formats
SSL/TLS Processing
  • SSL, SNI, TLSv1.1, and TLSv1.2
  • Support for RSA, DSA, ECC, and Perfect Forward Secrecy key exchange
  • Client and server-side certificate validation for client-side and upstream-side connections
  • OCSP stapling
  • Support for "dual-stack" ECC and RSA certificates for same domain
Logging, Monitoring, and Configuration
  • On-the-fly reconfiguration of upstream server pools, with changes optionally persistent across restarts and configuration reloads
  • Live activity monitoring
  • GeoIP configuration decisions
  • Logging of HTTP transactions locally or to syslog
Additional Features
Recommended Hardware
NGINX Plus was designed and optimized for use on generic server hardware. For an edge server capable of serving 3 to 6 Gbps of live traffic and 20,000 to 50,000 requests per second, we commonly recommend the following:
  • 2 modern x86_64 CPUs with 4 to 8 cores per CPU
  • 16 to 32 GB RAM
  • 6 x 250-GB SSD drives (if required for cache and storage)
  • 10-GbE Intel networking card
Packages
nginx-plus – Standard open source NGINX modules and additional NGINX Plus features (see the Modules in the NGINX Plus Package section below). Supports HTTP/2.

Modules in the NGINX Plus Package

Core
  • Core – Control basic functioning (mutexes, events, thread pools, workers, and so on)
HTTP Core
  • HTTP Core – Process HTTP traffic
  • Addition – Prepend and append data to a response
  • Auto Index – Generate directory listings
  • Charset – Add character set in Content-Type field of HTTP response header, and define or convert between character sets
  • Empty GIF – Generate empty image response
  • Gzip – Use GZIP to compress HTTP responses
  • Gzip Static – Serve pre-compressed files from disk
  • Gunzip – Decompress responses for clients that don’t support compression
  • Headers – Add fields to HTTP response headers, including Cache-Control and Expires
  • Index – Specify index files used in directory requests
  • Random Index – Select random index file for directory request
  • Real IP – Determine true origin IP address for proxied traffic
  • SSI – Process Server Side Includes (SSI) commands
  • User ID – Set cookies that uniquely identify clients
  • WebDAV – Implement WebDAV file management
HTTP Access Control and Authentication
  • Access – Control access based on client IP address (support access control lists [ACLs])
  • Auth Basic – Implement HTTP Basic Authentication scheme
  • Auth JWT – Validate JSON Web Tokens
  • Auth Request – Determine client authorization using subrequests to external authentication server
  • Referer – Control access based on Referer field in HTTP request header
  • Secure Link – Process encrypted, time-limited links to content
HTTP Advanced Configuration
  • Browser – Create variables based on User-Agent field in HTTP request header
  • Cache Slice – Create byte-range segments of large files, for more efficient caching
  • Geo – Create variables based on client IP address
  • Map – Create variables based on other variables in requests
  • Rewrite – Test and change URI of request
  • Split Clients – Partition clients for A/B testing
  • Sub – Replace text string in response (rewrite content)
HTTP Logging and Monitoring
  • Log – Log HTTP transactions locally or to syslog
  • Session Log – Log HTTP transactions aggregated per session
  • Status – Implement live activity monitoring
HTTP Media Delivery
  • F4F – Stream HDS (Adobe HTTP Dynamic Streaming; filename extensions .f4f, .f4m, .f4x)
  • FLV – Stream FLV (Flash Video; filename extension .flv)
  • HLS – Stream HLS (Apple HTTP Live Streaming; filename extensions .m3u8, .ts) dynamically generated from MP4 or MOV (filename extensions .m4a, .m4v, .mov, .mp4, and .qt)
  • MP4 – Stream MP4 (filename extensions .m4a, .m4v, .mp4)
  • Streaming of RTMP and DASH is provided by the third-party RTMP module in the NGINX Plus Extras package
HTTP Proxying and APIs
  • FastCGI – Proxy and cache requests to FastCGI application
  • Memcached – Proxy requests to memcached application
  • Proxy – Proxy and cache requests to HTTP server
  • SCGI – Proxy and cache requests to SCGI server
  • Upstream-Conf – Reconfigure upstream groups without restarting NGINX Plus
  • Upstream – Proxy and cache requests to load-balanced pools of application servers
  • uWSGI – Proxy and cache requests to uWSGI server
HTTP Transaction Shaping
  • Limit Connections – Limit concurrent connections from a client IP address or other keyed value
  • Limit Requests – Limit rate of request processing for a client IP address or other keyed value
  • Limit Responses – Limit rate of responses per client connection
HTTP/2 and SSL/TLS
  • HTTP/2 – Process HTTP/2 traffic
  • SSL/TLS – Process HTTPS traffic
Mail
  • Mail Core – Proxy mail traffic
  • Auth HTTP – Offload authentication processing from HTTP server
  • IMAP – Implement capabilities and authentication methods for IMAP
  • POP3 – Implement authentication methods for POP3 traffic
  • Proxy – Support proxy-related parameters for mail protocols
  • SMTP – Define accepted SASL authentication methods for SMTP clients
  • SSL/TLS – Implement SSL, STARTTLS, and TLS for mail protocols
TCP and UDP Load Balancing
  • Stream – Process TCP and UDP traffic
  • Access – Support IP-based access control lists (ACLs)
  • Geo – Create variables based on client IP address
  • Limit Conn – Limit concurrent connections by key
  • Log – Log TCP and UDP transactions
  • Map – Create variables based on other variables in requests
  • Proxy – Proxy requests to TCP and UDP servers
  • Real IP – Determine true origin IP address for proxied traffic
  • Return – Return specified value to client and close connection
  • Split Clients – Partition clients for A/B testing
  • SSL/TLS – Process TCP traffic secured with SSL/TLS
  • SSL/TLS Preread – Forward TCP traffic secured with SSL/TLS without decrypting it
  • Upstream – Proxy and cache requests to load-balanced pools of servers

NGINX-authored Dynamic Modules

GeoIP
GeoIP (nginx-plus-module-geoip) – Create variables based on the client IP address, using the precompiled MaxMind databases, for both HTTP and TCP/UDP traffic
Image-Filter
Image-Filter (nginx-plus-module-image-filter) – Transform JPEG, GIF, and PNG images (for example, crop, resize, or rotate them)
ModSecurity (preview)
ModSecurity (nginx-plus-module-modsecurity) – Implement web application firewall
nginScript (preview)
nginScript (nginx-plus-module-njs) – Integrate JavaScript code into the NGINX event processing model for HTTP and Stream modules
Perl
Perl (nginx-plus-module-perl) – Implement location and variable handlers in Perl, and insert Perl calls into Server Side Includes (SSI)
XSLT
XSLT (nginx-plus-module-xslt) – Transform XML responses using one or more XSLT stylesheets

NGINX-certified Community Dynamic Modules

GeoIP2
GeoIP2 (nginx-plus-module-geoip2) – Create variables based on the client IP address, using the precompiled MaxMind GeoIP2 databases.
Headers-More
Headers-More (nginx-plus-module-headers-more) – Set and clear input and output headers (third-party extension to NGINX core Headers module)
Lua
Lua (nginx-plus-module-lua) – Integrate Lua coroutines into the NGINX event processing model (third-party extension)
Phusion Passenger Open Source
Phusion Passenger Open Source (nginx-plus-module-passenger) – Deploy and administer applications written in Node.js, Python, and Ruby (third‑party extension)
RTMP Media Streaming
RTMP (nginx-plus-module-rtmp) – Stream Real-Time Messaging Protocol (RTMP), Apple HTTP Live Streaming (HLS), and Dynamic Adaptive Streaming over HTTP (DASH) [third-party extension]
Set-Misc
Set-Misc (nginx-plus-module-set-misc) – Implement numerous additional set_* directives (third-party extension to NGINX core Rewrite module)

TRY NGINX PLUS!

Download a 30 day free trial and see what you've been missing.

X

Got a question for the NGINX team?

< back
X