NGINX Plus Technical Specifications

NGINX Plus is available in binary form only; it is not available in source form.
Please inquire for additional platforms and modules.

Supported Distributions

12.04 LTS, 14.04 LTS, 15.04, 15.10
(i386, x86_64)
14.04 LTS (AArch64/ARM64)
CentOS
5.10+, 6.5+ (i386, x86_64)
7.0+ (x86_64)

Platform Limitations
5.10+: nginx-plus-extras not available (no OS support for Lua); SPDY and HTTP/2 not supported by OS OpenSSL library
6.5+: See this advisory when upgrading to 6.6
FreeBSD
9.3, 10.1+ (amd64)
5.10+, 6.5+ (i386, x86_64)
7.0+ (x86_64)

Platform Limitations
5.10+: nginx-plus-extras not available (no OS support for Lua); SPDY and HTTP/2 not supported by OS OpenSSL library
6.5+: See this advisory when upgrading to 6.6
Red Hat
5.10+, 6.5+ (i386, x86_64)
7.0+ (x86_64)

Platform Limitations
5.10+: nginx-plus-extras not available (no OS support for Lua); SPDY and HTTP/2 not supported by OS OpenSSL library
6.5+: See this advisory when upgrading to 6.6
7.0, 8.0 (i386, x86_64)
SUSE Linux Enterprise Server
12 (x86_64)
Amazon Linux 2015.09+ (x86_64)
Ubuntu
Ubuntu 14.04 LTS

Supported Deployment Environments

Deploy NGINX Plus in hardware supported environments.
Hardware
Deploy NGINX Plus in a virtual machine or container supported environment.
Virtual Machine or Container
NGINX Plus can be deployed in cloud environments.
Cloud

NGINX Plus Features

A complete set of web serving, proxying, acceleration, and load-balancing capabilities for both HTTP-based and TCP-based services

Protocols and Performance
  • HTTP/1.1, HTTP/2, HTTPS, WebSocket
  • IMAP, POP3, SMTP with HTTPS and external HTTP-based authentication
  • IPv4 and IPv6
  • 1 million concurrent connections
  • 10,000+ virtual servers multi-tenancy
  • Connection multiplexing pools for low-latency communications
Load Balancing
  • Full Layer 7 reverse proxy
  • Load balancing of HTTP traffic, including HTTP, HTTPS, FastCGI, memcached, SCGI, uWSGI
  • Load balancing of TCP traffic
  • URL/URI content-based request routing
  • Reverse proxy and load balancer with choice of algorithms (Round Robin, Hash, IP Hash, Least Connections, Least Time)
  • Session persistence with cookie-insert, session-learn, and defined-route methods
  • Session draining for easy maintenance
  • Health monitoring of backend applications with synthetic transactions and slow start
High Availability
  • Active-standby clusters using VRRP (keepalived)
  • Live binary upgrades to eliminate downtime
  • Graceful restart with non-stop request processing
Security
  • Bandwidth, connection, and request policing for HTTP and TCP services
  • Protocol isolation and request filtering
  • Header scrubbing and manipulation
  • IP-based access control lists (ACLs)
  • Proxying requests with NTLM authentication
Edge Cache and Origin Server
  • Content offload and caching
  • Lightweight cache revalidation
  • Support for Vary field in HTTP header to control caching
  • Serving of cached (stale) content when origin server fails
  • On-the-fly content compression and optimization
  • Segmenting large files into byte ranges, for more efficient caching
  • HTTP video streaming with support for FLV, HDS, HLS, and MP4 formats
SSL/TLS Processing
  • SSL, SNI, TLSv1.1, and TLSv1.2
  • Support for RSA, DSA, ECC, and Perfect Forward Secrecy key exchange
  • Client and server-side certificate validation for client-side and upstream-side connections
  • OCSP stapling
Logging, Monitoring, and Configuration
  • On-the-fly reconfiguration of upstream server pools, with changes optionally persistent across restarts and configuration reloads
  • Live activity monitoring
  • GeoIP configuration decisions
  • Logging of HTTP transactions locally or to syslog
Additional Features
Recommended Hardware
NGINX Plus was designed and optimized for use on generic server hardware. For an edge server capable of serving 3 to 6 Gbps of live traffic and 20,000 to 50,000 requests per second, we commonly recommend the following:
  • 2 modern x86_64 CPUs with 4 to 8 cores per CPU
  • 16 to 32 GB RAM
  • 6 x 250-GB SSD drives (if required for cache and storage)
  • 10-GbE Intel networking card
Packages
  • nginx-plus: Standard NGINX modules and additional NGINX Plus features (see the Modules in the NGINX Plus Package section below). Supports HTTP/2.
  • nginx-plus-extras: NGINX Plus with additional modules: GeoIP, Headers-More, Image Filter, Lua, Phusion Passenger, Perl, Redis, RTMP, Set-Misc, and XSLT (see the Modules in the NGINX Plus Extras Package section below). Supports HTTP/2.

Modules in the NGINX Plus Package

HTTP Core
  • HTTP Core: Process HTTP traffic
  • Addition: Prepend and append data to a response
  • Auto Index: Generate directory listings
  • Charset: Add character set in Content-Type field of HTTP response header, and define or convert between character sets
  • Empty GIF: Generate empty image response
  • Gzip: Use GZIP to compress HTTP responses
  • Gzip Static: Serve pre-compressed files from disk
  • Gunzip: Decompress responses for clients that don’t support compression
  • Headers: Add fields to HTTP response headers, including Cache-Control and Expires
  • Index: Specify index files used in directory requests
  • Random Index: Select random index file for directory request
  • Real IP: Determine true origin IP address for proxied traffic
  • SSI: Process Server Side Includes (SSI) commands
  • User ID: Set cookies that uniquely identify clients
  • WebDAV: Implement WebDAV file management
HTTP Advanced Configuration
  • Browser: Create variables based on User-Agent field in HTTP request header
  • Cache Slice: Create byte-range segments of large files, for more efficient caching
  • Geo: Create variables based on client IP address
  • Map: Create variables based on other variables in requests
  • Rewrite: Test and change URI of request
  • Split Clients: Partition clients for A|B testing
  • Sub: Replace text string in response (rewrite content)
HTTP/2 and SSL/TLS
HTTP Access Control and Authentication
  • Access: Control access based on client IP address (support access control lists [ACLs])
  • Auth Basic: Implement HTTP Basic Authentication scheme
  • Auth Request: Determine client authorization using subrequests to external authentication server
  • Referer: Control access based on Referer field in HTTP request header
  • Secure Link: Process encrypted, time-limited links to content
HTTP Transaction Shaping
  • Limit Connections: Limit concurrent connections from a client IP address or other keyed value
  • Limit Requests: Limit rate of request processing for a client IP address or other keyed value
  • Limit Responses: Limit rate of responses per client connection
HTTP Logging and Monitoring
  • Log: Log HTTP transactions locally or to syslog
  • Status: Implement live activity monitoring
HTTP Proxying and APIs
  • FastCGI: Proxy and cache requests to FastCGI application
  • Memcached: Proxy requests to memcached application
  • Proxy: Proxy and cache requests to HTTP server
  • SCGI: Proxy and cache requests to SCGI server
  • Upstream: Proxy and cache requests to load-balanced pools of application servers
  • uWSGI: Proxy and cache requests to uWSGI server
HTTP Media Delivery
  • F4F: Stream HDS (Adobe HTTP Dynamic Streaming; filename extensions .f4f, .f4m, .f4x)
  • FLV: Stream FLV (Flash Video; filename extension .flv)
  • HLS: Stream HLS (Apple HTTP Live Streaming; filename extensions .m3u8, .ts) dynamically generated from MP4 or MOV (filename extensions .m4a, .m4v, .mov, .mp4, and .qt)
  • MP4: Stream MP4 (filename extensions .m4a, .m4v, .mp4)
  • Streaming of RTMP and DASH is provided by the third-party RTMP module in the NGINX Plus Extras package
Mail
  • Mail Core: Proxy mail traffic
  • Auth HTTP: Offload authentication processing from HTTP server
  • IMAP: Implement capabilities and authentication methods for IMAP
  • POP3: Implement authentication methods for POP3 traffic
  • Proxy: Support proxy-related parameters for mail protocols
  • SMTP: Define accepted SASL authentication methods for SMTP clients
  • SSL: Implement SSL, STARTTLS, and TLS for mail protocols
TCP Load Balancing
  • Stream: Process TCP traffic
  • Access: Support IP-based access control lists (ACLs)
  • Limit Conn: Limit concurrent connections by key
  • SSL/TLS: Process TCP traffic secured with SSL/TLS
  • Upstream: Proxy and cache requests to load-balanced pools of servers

Modules in the NGINX Plus Extras Package

GeoIP
GeoIP: Create variables based on the client IP address, using the precompiled MaxMind databases
Headers-More
Headers-More: Set and clear input and output headers (third-party extension to NGINX core Headers module)
Image-Filter
Image-Filter: Transform JPEG, GIF, and PNG images (for example, crop, resize, or rotate them)
Lua
Lua: Integrate Lua coroutines into the NGINX event processing model (third-party extension)
Perl
Perl: Implement location and variable handlers in Perl, and insert Perl calls into Server Side Includes (SSI)
Phusion Passenger Open Source
Phusion Passenger Open Source: Deploy and administer applications written in Node.js, Python, and Ruby
Redis
Redis: Access Redis database through Lua (third-party extension)
RTMP Media Streaming
RTMP: Stream Real-Time Messaging Protocol (RTMP), Apple HTTP Live Streaming (HLS), and Dynamic Adaptive Streaming over HTTP (DASH) [third-party extension]
Set-Misc
Set-Misc: Implement numerous additional set_* directives (third-party extension to NGINX core Rewrite module)
XSLT
XSLT: Transform XML responses using one or more XSLT stylesheets

TRY NGINX PLUS!

Download a 30 day free trial and see what you've been missing.

X

Contact Sales

Got a question for the NGINX team?

X
X
TRY NGINX PLUS!
Download and activate a 30-day free trial
to get better application performance.
And a free NGINX shirt.

These fields are also used for shipping.
Currently we are shipping to US only.

Partner Credit

Request a $500 Google Cloud Platform Credit!

X