NGINX Documentation

NGINX Plus Technical Specifications

NGINX Plus is available in binary form only; it is not available in source form. Please inquire for additional platforms and modules.

Supported Distributions

Amazon Linux

  • 2016.09+ (x86_64)

Amazon Linux 2

  • 2017.12+ (x86_64)

CentOS

  • 6.5+ (i386, x86_64)
  • 7.0+ (x86_64, ppc64le)

Debian

  • 8.0 (i386, x86_64)
  • 9.0 (i386, x86_64)

FreeBSD

  • 10.3 (x86_64)
  • 11.0 (x86_64)

Oracle Linux

  • 6.5 (i386, x86_64)
  • 7.0 (x86_64)

Red Hat Enterprise Linux

  • 6.5 (i386, x86_64)
  • 7.0 (x86_64, ppc64le)

SUSE Linux Enterprise Server

  • 12, 12 SP1 (x86_64)

Ubuntu

  • 14.04 LTS (i386, x86_64, aarch64)
  • 16.04 LTS (i386, x86_64, ppc64le, aarch64)
  • 17.10 (i386, x86_64)

Note: CentOS, Oracle Linux, and Red Hat Enterprise Linux 6.5 users: see this advisory when upgrading to version 6.6.

Dynamic Modules

Except as specified below, dynamic modules are supported on the same distributions as NGINX Plus.

GeoIP2

  • Debian 8.0: Not supported
  • RedHat/CentOS 7.0: No ppc64le support
  • Suse Linux Enterprise Server 12: Not supported
  • Ubuntu 14.04: Not supported

Lua

  • Debian 9.0: Not supported

NGINX WAF (ModSecurity)

  • All distributions: x86_64 support only, no aarch64 or ppc64le

Wallarm

  • Amazon Linux: Not supported
  • FreeBSD: Not supported
  • Debian 9.0: Not supported
  • Suse Linux Enterprise Server 12: Not supported
  • Ubuntu 17.10: Not supported
  • All distributions: x86_64 support only, no aarch64 or ppc64le

Supported Deployment Environments

  • Bare metal
  • Container
  • Public cloud: AWS, Google Cloud Platform, Microsoft Azure
  • Virtual machine

Modules in the NGINX Plus Package

Core

  • Core – Control basic functioning (mutexes, events, thread pools, workers, and so on)

HTTP Core

  • HTTP Core – Process HTTP traffic
  • Addition – Prepend and append data to a response
  • Auto Index – Generate directory listings
  • Charset – Add character set in Content-Type field of HTTP response header, and define or convert between character sets
  • Empty GIF – Generate empty image response
  • Gzip – Use GZIP to compress HTTP responses
  • Gzip Static – Serve pre-compressed files from disk
  • Gunzip – Decompress responses for clients that don’t support compression
  • Headers – Add fields to HTTP response headers, including Cache-Control and Expires
  • Index – Specify index files used in directory requests
  • Random Index – Select random index file for directory request
  • Real IP – Determine true origin IP address for proxied traffic
  • SSI – Process Server Side Includes (SSI) commands
  • User ID – Set cookies that uniquely identify clients
  • WebDAV – Implement WebDAV file management

HTTP Access Control and Authentication

  • Access – Control access based on client IP address (support access control lists [ACLs])
  • Auth Basic – Implement HTTP Basic Authentication scheme
  • Auth JWT – Validate JSON Web Tokens
  • Auth Request – Determine client authorization using subrequests to external authentication server
  • Referer – Control access based on Referer field in HTTP request header
  • Secure Link – Process encrypted, time-limited links to content

HTTP Advanced Configuration

  • Browser – Create variables based on User-Agent field in HTTP request header
  • Cache Slice – Create byte-range segments of large files, for more efficient caching
  • Geo – Create variables based on client IP address
  • Map – Create variables based on other variables in requests
  • Rewrite – Test and change URI of request
  • Split Clients – Partition clients for A/B testing
  • Sub – Replace text string in response (rewrite content)

HTTP Logging and Monitoring

  • Log – Log HTTP transactions locally or to syslog
  • Session Log – Log HTTP transactions aggregated per session
  • Status – Implement live activity monitoring

HTTP Media Delivery

  • F4F – Stream HDS (Adobe HTTP Dynamic Streaming; filename extensions .f4f, .f4m, .f4x)
  • FLV – Stream FLV (Flash Video; filename extension .flv)
  • HLS – Stream HLS (Apple HTTP Live Streaming; filename extensions .m3u8, .ts) dynamically generated from MP4 or MOV (filename extensions .m4a, .m4v, .mov, .mp4, and .qt)
  • MP4 – Stream MP4 (filename extensions .m4a, .m4v, .mp4)
  • Streaming of RTMP and DASH is provided by the third-party RTMP module

HTTP Proxying and APIs

  • FastCGI – Proxy and cache requests to FastCGI application
  • Memcached – Proxy requests to memcached application
  • Proxy – Proxy and cache requests to HTTP server
  • SCGI – Proxy and cache requests to SCGI server
  • Upstream-Conf – Reconfigure upstream groups without restarting NGINX Plus
  • Upstream – Proxy and cache requests to load-balanced pools of application servers
  • uwsgi – Proxy and cache requests to uwsgi server

HTTP Transaction Shaping

  • Limit Connections – Limit concurrent connections from a client IP address or other keyed value
  • Limit Requests – Limit rate of request processing for a client IP address or other keyed value
  • Limit Responses – Limit rate of responses per client connection

HTTP/2 and SSL/TLS

  • HTTP/2 – Process HTTP/2 traffic
  • SSL/TLS – Process HTTPS traffic

Mail

  • Mail Core – Proxy mail traffic
  • Auth HTTP – Offload authentication processing from HTTP server
  • IMAP – Implement capabilities and authentication methods for IMAP
  • POP3 – Implement authentication methods for POP3 traffic
  • Proxy – Support proxy-related parameters for mail protocols
  • SMTP – Define accepted SASL authentication methods for SMTP clients
  • SSL/TLS – Implement SSL, STARTTLS, and TLS for mail protocols

TCP and UDP Load Balancing

  • Stream – Process TCP and UDP traffic
  • Access – Support IP-based access control lists (ACLs)
  • Geo – Create variables based on client IP address
  • Limit Conn – Limit concurrent connections by key
  • Log – Log TCP and UDP transactions
  • Map – Create variables based on other variables in requests
  • Proxy – Proxy requests to TCP and UDP servers
  • Real IP – Determine true origin IP address for proxied traffic
  • Return – Return specified value to client and close connection
  • Split Clients – Partition clients for A/B testing
  • SSL/TLS – Process TCP traffic secured with SSL/TLS
  • SSL/TLS Preread – Forward TCP traffic secured with SSL/TLS without decrypting it
  • Upstream – Proxy and cache requests to load-balanced pools of servers