The NGINX Unit WebAssembly module “technology preview” showcases the potential for server-side Wasm while providing a lightweight server for running web applications.
Liam Crilly
Job title : Sr Director, Product Management
Company : F5
Sort by
Addressing Security Weaknesses in the NGINX LDAP Reference Implementation
We describe security vulnerabilities recently discovered in the NGINX LDAP reference implementation, and how to mitigate them. NGINX Open Source and NGINX Plus are not affected, and no corrective action is required if you do not use the reference implementation.
Mitigating the log4j Vulnerability (CVE-2021-44228) with NGINX
NGINX can help you protect your apps against the Log4Shell vulnerability in Apache log4j (CVE-2021-44228), with NGINX App Protect, NGINX ModSecurity WAF, or a script using the NGINX JavaScript Module.
Authenticating API Clients with JWT and NGINX Plus
With NGINX Plus as an API gateway, you can use JSON Web Tokens (JWTs) to control access to your APIs. We explain how to configure the gateway for JWT-based authentication, issue JWTs to API clients, rate limit, log claims from the JWT, and revoke JWTs.
Scaling MySQL with TCP Load Balancing and Galera Cluster
TCP load balancing of MySQL nodes in a Galera cluster takes advantage of NGINX Plus' advanced features, including high availability, health checks, logging, and monitoring. We also use NGINX JavaScript to extract the contents of request and response packets for logging the SQL method in each client request.
Our Roadmap for QUIC and HTTP/3 Support in NGINX
We describe the state of our QUIC+HTTP/3 implementation, starting with a review of the work we've done so far. Our roadmap includes merging the nginx-quic development branch into the NGINX mainline and implementing performance optimizations. You can help by testing the implementation.
Updating NGINX for a DNS Resolver Vulnerability (CVE-2021-23017)
We have released updates to NGINX Open Source, NGINX Plus, and NGINX Ingress Controller to fix a vulnerability in DNS resolution (CVE-2021-23017). We consider the vulnerability to be low-severity, but encourage users to upgrade to the latest versions.
Announcing NGINX Plus Release 24
Learn about the latest release of NGINX Plus and how it can help you solve your most pressing traffic management and security challenges.
Harnessing the Power and Convenience of JavaScript for Each Request with the NGINX JavaScript Module
The NGINX JavaScript module is a bespoke JavaScript implementation for extending NGINX and NGINX Plus functionality. We continually add new features and publish use cases that take advantage of them. The blog includes a complete use case list.
