nginx 1.24.0 has already been released and these are its news

Nginx

Nginx is a high-performance lightweight web server/reverse proxy and proxy

After 11 months of development, the launch of the new stable branch of high-performance HTTP server and multi-protocol proxy server nginx 1.24.0, which incorporates the cumulative changes in the 1.23.x main branch.

In the future, all changes in the 1.24 stable branch will be related to the removal of serious bugs and vulnerabilities. Soon, the main branch of nginx 1.25 will be formed, in which the development of new features will continue.

According to Netcraft's March report, nginx is used on 18,94% of all active sites (20,08% one year ago, 20,15% two years ago), which is the second most popular site in this category. (Apache's share corresponds to 20,52% (22,58% a year ago, two platforms based on nginx and LuaJIT) – 7,94% (8,01%).

Main news in nginx 1.24.0

In this new version that comes from nginx 1.24.0 TLSv1.3 protocol is enabled by default And it is that it includes many security and performance improvements, in addition to helping to speed up encrypted connections even more with options such as TLS false start and Zero Round Trip Time (0RTT).

Another notable change in the new version is that we provided automatic encryption key rotation for TLS session tickets, which are used when using shared memory in the ssl_session_cache directive.

On Windows, added support for characters that are not ASCII in file names to the ngx_http_autoindex_module and ngx_http_dav_module modules, as well as the includes directive. On Windows, nginx is also built with OpenSSL 3.0.

Of the other changes which stand out from nginx 1.24.0:

  • Added support for the "$proxy_protocol_tlv_*" variables, which store the values ​​of the TLV (Type-Length-Value) fields that appear in the PROXY v2 Type-Length-Value protocol.
  • Added support for byte ranges to the ngx_http_gzip_static_module module.
  • Added the ipv4=off parameter to the resolver directive, which allows you to disable IPv4 address lookup when resolving names and addresses.
  • Redesigned internal API, header lines are now passed as a linked list.
  • Provided concatenation of identically named header strings when passed to FastCGI, SCGI and uwsgi backends, in the $r->header_in() method of ngx_http_perl_module and in the variables "$http_…", "$sent_http_…", "$ sent_trailer_…”, “$upstream_http_…” and “$upstream_trailer_…”.
  • Provided a warning in case of overriding the configuration of the protocols used for the listening socket.
  • The logging level of many SSL errors has been downgraded from Critical to Informational.
  • Optimized memory consumption in configurations with SSL proxy.
  • Change: Log level of "data length too long", "length too short", "bad legacy version", "no shared signature algorithms", "bad digest length", "missing sigalgs extension", "encrypted length too long" », «bad length», «bad key update», «mixed handshake and non handshake data», «ccs received early», «data between ccs and finished», «packet length too long», «too many warn alerts», "record too small", and "got a fin before a ccs".

Finally if you are interested in knowing more about it you can check the details In the following link.

For ordinary users who do not have the task of ensuring compatibility with third-party modules, it is recommended to use the main branch, based on which versions of the commercial product Nginx Plus are formed every three months.

Get nginx 1.24.0

For those interested in being able to obtain the new version, they must do the following, depending on the case of their distribution.

For RHEL and derivatives, you must add the repository with the following command:

sudo nano /etc/yum.repos.d/nginx.repo

And add this at the end

[nginx]
name=nginx repo
baseurl=https://nginx.org/packages/rhel/$releasever/$basearch/
gpgcheck=0
enabled=1

And we install with:

dnf install nginx

While for Ubuntu and derivatives of it, they must type the following:

sudo nano etc/apt/sources.list.d/nginx.list

And add this to the file:

deb https://nginx.org/packages/ubuntu/ $(lsb_release -sc) nginx
deb-src https://nginx.org/packages/ubuntu/ $(lsb_release -sc) nginx

And we proceed to install with:

sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys $key
sudo apt update
sudo apt install nginx

Finally, for those who prefer the compilation of the package, this can be done with the following commands (once already downloaded and being inside the code directory):

./configure
make
sudo make install

Be the first to comment

Leave a Comment

Your email address will not be published. Required fields are marked with *

*

*

  1. Responsible for the data: AB Internet Networks 2008 SL
  2. Purpose of the data: Control SPAM, comment management.
  3. Legitimation: Your consent
  4. Communication of the data: The data will not be communicated to third parties except by legal obligation.
  5. Data storage: Database hosted by Occentus Networks (EU)
  6. Rights: At any time you can limit, recover and delete your information.