NGINX Plus Technical Specifications

NGINX Plus is available in binary form only; it is not available in source form. Please inquire for additional platforms and modules.

Supported Distributions

Amazon Linux

2017.09 (x86_64)

Amazon Linux 2

LTS (x86_64)

CentOS

6.5+ (i386, x86_64)
7.0+ (x86_64, ppc64le)

Debian

8.0 (i386, x86_64)
9.0 (i386, x86_64)

FreeBSD

10.4+ (x86_64)
11.1+ (x86_64)

Oracle Linux

6.5+ (i386, x86_64)
7.0+ (x86_64)

Red Hat Enterprise Linux

6.5+ (i386, x86_64)
7.0+ (x86_64, ppc64le)

SUSE Linux Enterprise Server

12, 12 SP1 (x86_64)

Ubuntu

14.04 LTS (i386, x86_64, aarch64)
16.04 LTS (i386, x86_64, ppc64le, aarch64)
18.04 LTS (x86_64)

Note: CentOS, Oracle Linux, and Red Hat Enterprise Linux 6.5 users: see this advisory when upgrading to version 6.6.

Dynamic Modules

Except as specified below, dynamic modules are supported on the same distributions as NGINX Plus.

GeoIP2

Debian 8.0: Not supported
RedHat/CentOS 7.0: No ppc64le support
Suse Linux Enterprise Server 12: Not supported
Ubuntu 14.04: Not supported

NGINX WAF (ModSecurity)

All distributions: x86_64 support only, no aarch64 or ppc64le

Wallarm

Amazon Linux: Not supported
FreeBSD: Not supported
Debian 9.0: Not supported
Suse Linux Enterprise Server 12: Not supported
Ubuntu 17.10, 18.04: Not supported
All distributions: x86_64 support only, no aarch64 or ppc64le

Supported Deployment Environments

Bare metal
Container
Public cloud: AWS, Google Cloud Platform, Microsoft Azure
Virtual machine

Recommended Hardware

Please see: Sizing Guide for Deploying NGINX Plus on Bare Metal Servers

Modules in the NGINX Plus Package

Core

Core – Control basic functioning (mutexes, events, thread pools, workers, and so on)

HTTP Core

HTTP Core – Process HTTP traffic
Addition – Prepend and append data to a response
Auto Index – Generate directory listings
Charset – Add character set in Content-Type field of HTTP response header, and define or convert between character sets
Empty GIF – Generate empty image response
Gzip – Use GZIP to compress HTTP responses
Gzip Static – Serve pre-compressed files from disk
Gunzip – Decompress responses for clients that don’t support compression
Headers – Add fields to HTTP response headers, including Cache-Control and Expires
Index – Specify index files used in directory requests
Random Index – Select random index file for directory request
Real IP – Determine true origin IP address for proxied traffic
SSI – Process Server Side Includes (SSI) commands
User ID – Set cookies that uniquely identify clients
WebDAV – Implement WebDAV file management

HTTP Access Control and Authentication

Access – Control access based on client IP address (support access control lists [ACLs])
Auth Basic – Implement HTTP Basic Authentication scheme
Auth JWT – Validate JSON Web Tokens
Auth Request – Determine client authorization using subrequests to external authentication server
Referer – Control access based on Referer field in HTTP request header
Secure Link – Process encrypted, time-limited links to content

HTTP Advanced Configuration

Browser – Create variables based on User-Agent field in HTTP request header
Cache Slice – Create byte-range segments of large files, for more efficient caching
Geo – Create variables based on client IP address
Map – Create variables based on other variables in requests
Rewrite – Test and change URI of request
Split Clients – Partition clients for A/B testing
Sub – Replace text string in response (rewrite content)

HTTP Logging and Monitoring

Log – Log HTTP transactions locally or to syslog
Session Log – Log HTTP transactions aggregated per session
Status – Implement live activity monitoring

HTTP Media Delivery

F4F – Stream HDS (Adobe HTTP Dynamic Streaming; filename extensions .f4f, .f4m, .f4x)
FLV – Stream FLV (Flash Video; filename extension .flv)
HLS – Stream HLS (Apple HTTP Live Streaming; filename extensions .m3u8, .ts) dynamically generated from MP4 or MOV (filename extensions .m4a, .m4v, .mov, .mp4, and .qt)
MP4 – Stream MP4 (filename extensions .m4a, .m4v, .mp4)
Streaming of RTMP and DASH is provided by the third-party RTMP module

HTTP Proxying and APIs

FastCGI – Proxy and cache requests to FastCGI application
Memcached – Proxy requests to memcached application
Proxy – Proxy and cache requests to HTTP server
SCGI – Proxy and cache requests to SCGI server
Upstream-Conf – Reconfigure upstream groups without restarting NGINX Plus
Upstream – Proxy and cache requests to load-balanced pools of application servers
uwsgi – Proxy and cache requests to uwsgi server

HTTP Transaction Shaping

Limit Connections – Limit concurrent connections from a client IP address or other keyed value
Limit Requests – Limit rate of request processing for a client IP address or other keyed value
Limit Responses – Limit rate of responses per client connection

HTTP/2 and SSL/TLS

HTTP/2 – Process HTTP/2 traffic
SSL/TLS – Process HTTPS traffic

Mail

Mail Core – Proxy mail traffic
Auth HTTP – Offload authentication processing from HTTP server
IMAP – Implement capabilities and authentication methods for IMAP
POP3 – Implement authentication methods for POP3 traffic
Proxy – Support proxy-related parameters for mail protocols
SMTP – Define accepted SASL authentication methods for SMTP clients
SSL/TLS – Implement SSL, STARTTLS, and TLS for mail protocols

TCP and UDP Load Balancing

Stream – Process TCP and UDP traffic
Access – Support IP-based access control lists (ACLs)
Geo – Create variables based on client IP address
Limit Conn – Limit concurrent connections by key
Log – Log TCP and UDP transactions
Map – Create variables based on other variables in requests
Proxy – Proxy requests to TCP and UDP servers
Real IP – Determine true origin IP address for proxied traffic
Return – Return specified value to client and close connection
Split Clients – Partition clients for A/B testing
SSL/TLS – Process TCP traffic secured with SSL/TLS
SSL/TLS Preread – Forward TCP traffic secured with SSL/TLS without decrypting it
Upstream – Proxy and cache requests to load-balanced pools of servers