Category: Uncategorized

We describe the state of our QUIC+HTTP/3 implementation, starting with a review of the work we’ve done so far. Our roadmap includes merging the nginx-quic development branch into the NGINX mainline and implementing performance optimizations. You can help by testing the implementation.

This Pride Month, Scott De Buitléir reflects on life lessons he’s learned on his LGBTQ+ rugby team, and reviews some projects undertaken by NGINX and F5 over the past year to benefit our local and global communities.

NGINX recently became the most popular web server in the world, according to W3Techs. We’re profoundly grateful to the NGINX community, who’ve brought us to this milestone, and look forward to providing even more tools to help you optimize delivery of your modern and cloud-native apps.

We have released updates to NGINX Open Source, NGINX Plus, and NGINX Ingress Controller to fix a vulnerability in DNS resolution (CVE-2021-23017). We consider the vulnerability to be low-severity, but encourage users to upgrade to the latest versions.

Strategies for shifting security left usually ignore WAF and other traditional tools for enforcing run‑time security policies. A complete modern solution needs to include WAF, but one that fits into your CI/CD pipelines and helps smooth friction between Security and DevOps.

NGINX, a part of F5, Inc., is pleased to announce that we have become the first Gold sponsor of the OWASP ModSecurity Core Rule Set (CRS) project. We look forward to working with the CRS team and helping ensure the CRS project’s long-term success.

NGINX Ingress Controller now supports single sign-on with OpenID Connect. Release 1.10.0 also introduces new configuration queue metrics, annotations on log entries, better validation of annotations and secrets, support for NGINX App Protect user-defined signatures, and more.

Guest blogger Brian Gleason advises #NetOps managers on a couple ways to get the most from, and for, their greatest asset: their people. First, make sure they have time for focus on their own priorities. Second, learn enough about network technologies to communicate well.

The modern market’s demand for speed has heightened the tension between DevOps and NetOps/SecOps teams. But you can have both developer productivity and infrastructure reliability — bridge the divide with self-service app delivery tools from NGINX.

Guest blogger Jeremy Schulman explains for network engineers (or anyone!) how to get started with an API. He outlines the different types of documentation and their pros and cons, how to take advantage of client libraries, and the ins-and-outs of authentication.

We compare the reverse proxying performance of HAProxy and NGINX. Performance is similar until the request rate is large enough for HAProxy to hit 100% CPU utilization. At that point, its performance degrades significantly while NGINX continues to experience almost no latency.

Since our last update, the NGINX Unit team has released three versions, 1.19.0 through 1.21.0. New features include support for ASGI with Python, multi-threading with several languages (Java, Perl, Python, Ruby), regular expressions in routing conditions, and more.

We present the four winners of the 2020 NGINX Hackathon for Good, who each created an app to help people affected by a social issue, using NGINX Open Source and NGINX Unit. The winning apps address unemployment, social justice volunteerism, and transparency around charitable giving.

We feature answers from our experts to three key questions about NGINX automation asked at the panel discussion we held during AnsibleFest 2020: how official roles and collections add value, how to choose which tasks to automate, and why community input is so important.

Guest blogger Jason Benedicic describes several use cases from his daily life where real-time API performance is key to a satisfactory interaction with the app: his favorite dinner-delivery service, his home office with automated controls for lighting and connectivity, and his online-only bank.

Release 1.9.0 of the NGINX Ingress Controller introduces updated NGINX App Protect features, new policies (JWT validation, rate limiting, and mTLS authentication), improved visibility with new metrics and Grafana dashboards, integration with NGINX Service Mesh, and more.

We explain why traditional API management frameworks don’t work in modern, microservices-based app environments. The NGINX API management solution embodies features our customers tell us they need now: decoupled data and control planes, multi-cloud support, and self-service.

Guest blogger Jeremy Schulman offers practical advice for network engineers charged with increasing automation. First, focus on tasks that reduce operational friction among teams. Become familiar with the tools used by various teams, and learn how to use their APIs.