NGINX Plus Release 24 (R24) that is based on NGINX Open Source has been released. It comes with new features and important changes in behavior. NGINX offers its open-source web server that can also serve as a reverse proxy, load balancer, mail proxy, and HTTP cache.
Encrypted JSON Web Tokens, upgraded NGINX JavaScript Module, Integration with F5 Device ID+ are the new features in NGINX Plus R24. NGINX Plus is a cloud-native, easy-to-use reverse proxy, load balancer, and API gateway.
New features
Building on the support for signed JSON Web Tokens (JWTs) in earlier releases, NGINX Plus now supports encrypted JWTs for confidentiality and data integrity of sensitive information when stored in web browsers and other clients.
NGINX Plus R24 and later supports both signed and encrypted JWTs. Signed tokens are the default, and require no explicit configuration. The new auth_jwt_type directive configures JWT encryption. You define the encryption (or signing) algorithm and key usage in the JWT key file named by the auth_jwt_key_file directive. NGINX Plus R24 and later supports the following encryption methods.
| JWE key management algorithms |
|
| JWE content encryption algorithms |
|
Development of the NGINX JavaScript module (njs)
NGINX Plus R24 marks a major milestone in the development of the NGINX JavaScript module (njs), now at 0.5.3. There are two important enhancements that enable you to extend NGINX Plus with custom solutions for a wide variety of use cases:
- Response filtering for both the headers and bodies of HTTP responses
- An embedded HTTP client that can be used to make HTTP requests during HTTP or TCP/UDP processing
For traffic not being manipulated with the NGINX JavaScript module, response filtering is implemented in the Substitution module.
Integration with F5 Device ID+ provides identifying each device visiting your site, enabling stronger protection against known bad actors and customized user experiences for returning visitors. Deployment is simple, with immediate benefits for your security, networking, fraud, and digital teams.
Changes to platform support
- New operating systems supported:
– Alpine Linux 3.13 (aarch64, amd64)
– CentOS 7.4+ (aarch64, in addition to x86_64 and ppc64le)
– FreeBSD 13 (amd64)
– SLES 15 SP2
- Older operating systems removed:
– Debian 9 is no longer supported; the oldest supported version is 10
- Older operating systems deprecated and scheduled for removal in NGINX Plus R25:-Alpine Linux 3.10
– Amazon Linux 1 (2018.03+)
– FreeBSD 11
-Ubuntu 16.04 LTS
NGINX Plus features active health checks, session persistence based on cookies, DNS-service-discovery integration, Cache Purging API, AppDynamic, Datalog, Dynatrace New Relic plug-ins, Active-Active HA with config sync, Key-Value Store, and WAF dynamic module.