NGINX Plus Technical Specifications

NGINX Plus is available in binary form only; it is not available in source form.
Please inquire for additional platforms and modules.

Supported Distributions

12.04 LTS (i386, x86_64)
14.04 LTS (i386, x86_64, aarch64)
16.04 LTS (i386, x86_64, ppc64le)

Platform Limitations
12.04 LTS: nginx-plus-module-modsecurity, nginx-plus-module-geoip2 not available
14.04 LTS: nginx-plus-module-geoip2 not available
16.04 LTS: nginx-plus-module-modsecurity not available on ppc64le platforms
CentOS
5.10+, 6.5+ (i386, x86_64)
7.0+ (x86_64)

Platform Limitations
5.10+: nginx-plus-extras, nginx-plus-module-modsecurity, and nginx-plus-module-passenger, nginx-plus-module-geoip2 not available; HTTP/2 not supported by OS OpenSSL library
6.5+: nginx-plus-module-modsecurity not available; see this advisory when upgrading to version 6.6
9.3, 10.1+ (amd64)

Platform Limitations
9.3: nginx-plus-module-modsecurity not available
5.10+, 6.5+ (i386, x86_64)
7.0+ (x86_64)

Platform Limitations
5.10+: nginx-plus-extras, nginx-plus-module-modsecurity, and nginx-plus-module-passenger, nginx-plus-module-geoip2 not available; HTTP/2 not supported by OS OpenSSL library
6.5+: nginx-plus-module-modsecurity not available; see this advisory when upgrading to version 6.6
Red Hat
5.10+, 6.5+ (i386, x86_64)
7.0+ (x86_64, ppc64le)

Platform Limitations
5.10+: nginx-plus-extras, nginx-plus-module-modsecurity, and nginx-plus-module-passenger, nginx-plus-module-geoip2 not available; HTTP/2 not supported by OS OpenSSL library
6.5+: nginx-plus-module-modsecurity not available; see this advisory when upgrading to version 6.6
7.0+: nginx-plus-module-geoip2 not available on ppc64le
7.0, 8.0 (i386, x86_64)

Platform Limitations
7.0, 8.0: nginx-plus-module-geoip2 not available
SUSE Linux Enterprise Server
12, 12 SP1 (x86_64)

Platform Limitations
12, 12 SP1: nginx-plus-module-geoip2 not available
2016.03+ (x86_64)

Supported Deployment Environments

Deploy NGINX Plus in hardware supported environments.
Hardware
Deploy NGINX Plus in a virtual machine or container supported environment.
Virtual Machine or Container
NGINX Plus can be deployed in cloud environments.
Cloud

NGINX Plus Features

A complete set of web serving, proxying, acceleration, and load-balancing capabilities for HTTP-based, TCP-based, and UDP-based services. A complete list of NGINX Plus feature releases can be found in our Admin Guide.

Protocols and Performance
  • HTTP/1.1, HTTP/2, HTTPS, WebSocket
  • IMAP, POP3, SMTP with HTTPS and external HTTP-based authentication
  • IPv4 and IPv6
  • 1 million concurrent connections
  • 10,000+ virtual servers multi-tenancy
  • Connection multiplexing pools for low-latency communications
Load Balancing
  • Full Layer 7 reverse proxy
  • Load balancing of HTTP traffic, including HTTP, HTTPS, FastCGI, memcached, SCGI, uWSGI
  • Load balancing of TCP traffic
  • Load balancing of UDP traffic
  • URL/URI content-based request routing
  • Reverse proxy and load balancer with choice of algorithms (Round Robin, Hash, IP Hash, Least Connections, Least Time)
  • Session persistence with cookie-insert, session-learn, and defined-route methods
  • Session draining for easy maintenance
  • Health monitoring of backend applications with synthetic transactions and slow start
High Availability
  • Active-standby clusters using VRRP (keepalived)
  • Live binary upgrades to eliminate downtime
  • Graceful restart with non-stop request processing
Security
  • Bandwidth, connection, and request policing for HTTP and TCP services
  • Protocol isolation and request filtering
  • Header scrubbing and manipulation
  • IP-based access control lists (ACLs)
  • Proxying requests with NTLM authentication
  • ModSecurity WAF available as dynamically loadable module at additional cost
  • Native support for JSON Web Token (JWT)
Edge Cache and Origin Server
  • Content offload and caching
  • Lightweight cache revalidation
  • Support for Vary field in HTTP header to control caching
  • Serving of cached (stale) content when origin server fails
  • On-the-fly content compression and optimization
  • Segmenting large files into byte ranges, for more efficient caching
  • HTTP video streaming with support for FLV, HDS, HLS, and MP4 formats
SSL/TLS Processing
  • SSL, SNI, TLSv1.1, and TLSv1.2
  • Support for RSA, DSA, ECC, and Perfect Forward Secrecy key exchange
  • Client and server-side certificate validation for client-side and upstream-side connections
  • OCSP stapling
  • Support for "dual-stack" ECC and RSA certificates for same domain
Logging, Monitoring, and Configuration
  • On-the-fly reconfiguration of upstream server pools, with changes optionally persistent across restarts and configuration reloads
  • Live activity monitoring
  • GeoIP configuration decisions
  • Logging of HTTP transactions locally or to syslog
Additional Features
Recommended Hardware
NGINX Plus was designed and optimized for use on generic server hardware. For an edge server capable of serving 3 to 6 Gbps of live traffic and 20,000 to 50,000 requests per second, we commonly recommend the following:
  • 2 modern x86_64 CPUs with 4 to 8 cores per CPU
  • 16 to 32 GB RAM
  • 6 x 250-GB SSD drives (if required for cache and storage)
  • 10-GbE Intel networking card
Packages
  • nginx-plus – Standard open source NGINX modules and additional NGINX Plus features (see the Modules in the NGINX Plus Package section below). Supports HTTP/2.
  • nginx-plus-extras: NGINX Plus with additional modules: GeoIP, Headers-More, Image Filter, Lua, Phusion Passenger, Perl, RTMP, Set-Misc, and XSLT; also the Lua library for the Redis client driver. Supports HTTP/2.

    For details about these modules, see the NGINX Plus Dynamic Modules section below. Note that not all dynamic modules listed there are built into the nginx‑plus‑extras package.

    Note – NGINX Plus R10 is the last release that will include the nginx‑plus‑extras package. We strongly recommend that you modify your installation and configuration procedures now to use the nginx‑plus package and dynamically load the modules in the nginx‑plus‑extras package that you actually use. Starting in NGINX Plus R11, this will be the only possible way to use modules that are not built into the nginx‑plus package.


Modules in the NGINX Plus Package

Core
  • Core – Control basic functioning (mutexes, events, thread pools, workers, and so on)
HTTP Core
  • HTTP Core – Process HTTP traffic
  • Addition – Prepend and append data to a response
  • Auto Index – Generate directory listings
  • Charset – Add character set in Content-Type field of HTTP response header, and define or convert between character sets
  • Empty GIF – Generate empty image response
  • Gzip – Use GZIP to compress HTTP responses
  • Gzip Static – Serve pre-compressed files from disk
  • Gunzip – Decompress responses for clients that don’t support compression
  • Headers – Add fields to HTTP response headers, including Cache-Control and Expires
  • Index – Specify index files used in directory requests
  • Random Index – Select random index file for directory request
  • Real IP – Determine true origin IP address for proxied traffic
  • SSI – Process Server Side Includes (SSI) commands
  • User ID – Set cookies that uniquely identify clients
  • WebDAV – Implement WebDAV file management
HTTP Access Control and Authentication
  • Access – Control access based on client IP address (support access control lists [ACLs])
  • Auth Basic – Implement HTTP Basic Authentication scheme
  • Auth JWT – Validate JSON Web Tokens
  • Auth Request – Determine client authorization using subrequests to external authentication server
  • Referer – Control access based on Referer field in HTTP request header
  • Secure Link – Process encrypted, time-limited links to content
HTTP Advanced Configuration
  • Browser – Create variables based on User-Agent field in HTTP request header
  • Cache Slice – Create byte-range segments of large files, for more efficient caching
  • Geo – Create variables based on client IP address
  • Map – Create variables based on other variables in requests
  • Rewrite – Test and change URI of request
  • Split Clients – Partition clients for A/B testing
  • Sub – Replace text string in response (rewrite content)
HTTP Logging and Monitoring
  • Log – Log HTTP transactions locally or to syslog
  • Status – Implement live activity monitoring
HTTP Media Delivery
  • F4F – Stream HDS (Adobe HTTP Dynamic Streaming; filename extensions .f4f, .f4m, .f4x)
  • FLV – Stream FLV (Flash Video; filename extension .flv)
  • HLS – Stream HLS (Apple HTTP Live Streaming; filename extensions .m3u8, .ts) dynamically generated from MP4 or MOV (filename extensions .m4a, .m4v, .mov, .mp4, and .qt)
  • MP4 – Stream MP4 (filename extensions .m4a, .m4v, .mp4)
  • Streaming of RTMP and DASH is provided by the third-party RTMP module in the NGINX Plus Extras package
HTTP Proxying and APIs
  • FastCGI – Proxy and cache requests to FastCGI application
  • Memcached – Proxy requests to memcached application
  • Proxy – Proxy and cache requests to HTTP server
  • SCGI – Proxy and cache requests to SCGI server
  • Upstream – Proxy and cache requests to load-balanced pools of application servers
  • uWSGI – Proxy and cache requests to uWSGI server
HTTP Transaction Shaping
  • Limit Connections – Limit concurrent connections from a client IP address or other keyed value
  • Limit Requests – Limit rate of request processing for a client IP address or other keyed value
  • Limit Responses – Limit rate of responses per client connection
HTTP/2 and SSL/TLS
  • HTTP/2 – Process HTTP/2 traffic
  • SSL/TLS – Process HTTPS traffic
Mail
  • Mail Core – Proxy mail traffic
  • Auth HTTP – Offload authentication processing from HTTP server
  • IMAP – Implement capabilities and authentication methods for IMAP
  • POP3 – Implement authentication methods for POP3 traffic
  • Proxy – Support proxy-related parameters for mail protocols
  • SMTP – Define accepted SASL authentication methods for SMTP clients
  • SSL/TLS – Implement SSL, STARTTLS, and TLS for mail protocols
TCP and UDP Load Balancing
  • Stream – Process TCP and UDP traffic
  • Access – Support IP-based access control lists (ACLs)
  • Geo – Create variables based on client IP address
  • Limit Conn – Limit concurrent connections by key
  • Map – Create variables based on other variables in requests
  • Split Clients – Partition clients for A/B testing
  • SSL/TLS – Process TCP traffic secured with SSL/TLS
  • Upstream – Proxy and cache requests to load-balanced pools of servers

NGINX Plus Dynamic Modules

GeoIP
GeoIP (nginx-plus-module-geoip) – Create variables based on the client IP address, using the precompiled MaxMind databases, for both HTTP and TCP/UDP traffic
GeoIP2
GeoIP2 (nginx-plus-module-geoip2) – Create variables based on the client IP address, using the precompiled MaxMind GeoIP2 databases.
Headers-More
Headers-More (nginx-plus-module-headers-more) – Set and clear input and output headers (third-party extension to NGINX core Headers module)
Image-Filter
Image-Filter (nginx-plus-module-image-filter) – Transform JPEG, GIF, and PNG images (for example, crop, resize, or rotate them)
Lua
Lua (nginx-plus-module-lua) – Integrate Lua coroutines into the NGINX event processing model (third-party extension)
ModSecurity
ModSecurity (nginx-plus-module-modsecurity) – Implement web application firewall
nginScript
nginScript (nginx-plus-module-njs) – Integrate JavaScript code into the NGINX event processing model for HTTP and Stream modules
Perl
Perl (nginx-plus-module-perl) – Implement location and variable handlers in Perl, and insert Perl calls into Server Side Includes (SSI)
Phusion Passenger Open Source
Phusion Passenger Open Source (nginx-plus-module-passenger) – Deploy and administer applications written in Node.js, Python, and Ruby
RTMP Media Streaming
RTMP (nginx-plus-module-rtmp) – Stream Real-Time Messaging Protocol (RTMP), Apple HTTP Live Streaming (HLS), and Dynamic Adaptive Streaming over HTTP (DASH) [third-party extension]
Set-Misc
Set-Misc (nginx-plus-module-set-misc) – Implement numerous additional set_* directives (third-party extension to NGINX core Rewrite module)
XSLT
XSLT (nginx-plus-module-xslt) – Transform XML responses using one or more XSLT stylesheets

TRY NGINX PLUS!

Download a 30 day free trial and see what you've been missing.

X

Got a question for the NGINX team?

< back
X