NGINX Plus Technical Specifications

Amazon Linux

• 2017.09 (x86_64)

Amazon Linux 2

• LTS (x86_64)

CentOS

• 6.5+ (i386, x86_64)
• 7.0+ (x86_64, ppc64le)

Debian

• 8.0 (i386, x86_64)
• 9.0 (i386, x86_64)

FreeBSD

• 10.4+ (x86_64)
• 11.1+ (x86_64)

Oracle Linux

• 6.5+ (i386, x86_64)
• 7.0+ (x86_64)

Red Hat Enterprise Linux

• 6.5+ (i386, x86_64)
• 7.0+ (x86_64, ppc64le)

SUSE Linux Enterprise Server

• 12, 12 SP1 (x86_64)

Ubuntu

• 14.04 LTS (i386, x86_64, aarch64)
• 16.04 LTS (i386, x86_64, ppc64le, aarch64)
• 18.04 LTS (x86_64)

Note: CentOS, Oracle Linux, and Red Hat Enterprise Linux 6.5 users: see this advisory when upgrading to version 6.6.

GeoIP2

• Debian 8.0: Not supported
• RedHat/CentOS 7.0: No ppc64le support
• Suse Linux Enterprise Server 12: Not supported
• Ubuntu 14.04: Not supported

NGINX WAF (ModSecurity)

• All distributions: x86_64 support only, no aarch64 or ppc64le

Wallarm

• Amazon Linux: Not supported
• FreeBSD: Not supported
• Debian 9.0: Not supported
• Suse Linux Enterprise Server 12: Not supported
• Ubuntu 17.10, 18.04: Not supported
• All distributions: x86_64 support only, no aarch64 or ppc64le

Core

• Core – Control basic functioning (mutexes, events, thread pools, workers, and so on)

HTTP Core

• HTTP Core – Process HTTP traffic
• Addition – Prepend and append data to a response
• Auto Index – Generate directory listings
• Charset – Add character set in Content-Type field of HTTP response header, and define or convert between character sets
• Empty GIF – Generate empty image response
• Gzip – Use GZIP to compress HTTP responses
• Gzip Static – Serve pre-compressed files from disk
• Gunzip – Decompress responses for clients that don’t support compression
• Headers – Add fields to HTTP response headers, including Cache-Control and Expires
• Index – Specify index files used in directory requests
• Random Index – Select random index file for directory request
• Real IP – Determine true origin IP address for proxied traffic
• SSI – Process Server Side Includes (SSI) commands
• User ID – Set cookies that uniquely identify clients
• WebDAV – Implement WebDAV file management

HTTP Access Control and Authentication

• Access – Control access based on client IP address (support access control lists [ACLs])
• Auth Basic – Implement HTTP Basic Authentication scheme
• Auth JWT – Validate JSON Web Tokens
• Auth Request – Determine client authorization using subrequests to external authentication server
• Referer – Control access based on Referer field in HTTP request header
• Secure Link – Process encrypted, time-limited links to content

HTTP Advanced Configuration

• Browser – Create variables based on User-Agent field in HTTP request header
• Cache Slice – Create byte-range segments of large files, for more efficient caching
• Geo – Create variables based on client IP address
• Map – Create variables based on other variables in requests
• Rewrite – Test and change URI of request
• Split Clients – Partition clients for A/B testing
• Sub – Replace text string in response (rewrite content)

HTTP Logging and Monitoring

• Log – Log HTTP transactions locally or to syslog
• Session Log – Log HTTP transactions aggregated per session
• Status – Implement live activity monitoring

HTTP Media Delivery

• F4F – Stream HDS (Adobe HTTP Dynamic Streaming; filename extensions .f4f, .f4m, .f4x)
• FLV – Stream FLV (Flash Video; filename extension .flv)
• HLS – Stream HLS (Apple HTTP Live Streaming; filename extensions .m3u8, .ts) dynamically generated from MP4 or MOV (filename extensions .m4a, .m4v, .mov, .mp4, and .qt)
• MP4 – Stream MP4 (filename extensions .m4a, .m4v, .mp4)
• Streaming of RTMP and DASH is provided by the third-party RTMP module

HTTP Proxying and APIs

• FastCGI – Proxy and cache requests to FastCGI application
• Memcached – Proxy requests to memcached application
• Proxy – Proxy and cache requests to HTTP server
• SCGI – Proxy and cache requests to SCGI server
• Upstream-Conf – Reconfigure upstream groups without restarting NGINX Plus
• Upstream – Proxy and cache requests to load-balanced pools of application servers
• uwsgi – Proxy and cache requests to uwsgi server

HTTP Transaction Shaping

• Limit Connections – Limit concurrent connections from a client IP address or other keyed value
• Limit Requests – Limit rate of request processing for a client IP address or other keyed value
• Limit Responses – Limit rate of responses per client connection

HTTP/2 and SSL/TLS

• HTTP/2 – Process HTTP/2 traffic
• SSL/TLS – Process HTTPS traffic

Mail

• Mail Core – Proxy mail traffic
• Auth HTTP – Offload authentication processing from HTTP server
• IMAP – Implement capabilities and authentication methods for IMAP
• POP3 – Implement authentication methods for POP3 traffic
• Proxy – Support proxy-related parameters for mail protocols
• SMTP – Define accepted SASL authentication methods for SMTP clients
• SSL/TLS – Implement SSL, STARTTLS, and TLS for mail protocols

TCP and UDP Load Balancing

• Stream – Process TCP and UDP traffic
• Access – Support IP-based access control lists (ACLs)
• Geo – Create variables based on client IP address
• Limit Conn – Limit concurrent connections by key
• Log – Log TCP and UDP transactions
• Map – Create variables based on other variables in requests
• Proxy – Proxy requests to TCP and UDP servers
• Real IP – Determine true origin IP address for proxied traffic
• Return – Return specified value to client and close connection
• Split Clients – Partition clients for A/B testing
• SSL/TLS – Process TCP traffic secured with SSL/TLS
• SSL/TLS Preread – Forward TCP traffic secured with SSL/TLS without decrypting it
• Upstream – Proxy and cache requests to load-balanced pools of servers