Nginx has brought Nginx Plus R10 as the most recent version of its open source web server. This new release is targeted to improve the security and performance of applications and integrates with the initial version of ModSecurity-powered web application firewall (WAF).
The ModSecurity WAF on the newest Nginx Plus is based on ModSecurity 3. It enables security tools like IP blacklisting to protect web applications.
“Nginx Plus with ModSecurity WAF is a must‑have solution to help secure critical applications. It provides a cost‑effective alternative to inflexible and costly hardware appliances, such as those provided by F5, Citrix and Imperva, while also exceeding their capabilities with the flexibility of software,” Nginx writes in a blog post.
In addition to the firewall, clients are provided with JSON web tokens (JWT) to offer them support for authentication. The server validates JWTs to allow access to APIs. Also, Nginx has designed its dual-stack support that works with both RSA and ECC certificates.
Nginx Plus R10 allows to ‘spoof’ the source IP address. The server additionally ports HTTP and TCP connections and UDP datagrams to enable IP transparency. Furthermore, there are some improvements to TCP and UDP load balancing policies and JavaScript-based configuration and control service nginScript to improve the experience.
The latest Nginx Plus is the commercial variant of the free and open source Nginx. To add the ModSecurity WAF, clients need to pay an additional charge of $2,000 on top of the base fee of the server.