For a full list of modules, see below.

There is a changelog in the support forum
A build log can be found here
Dockers can be found here

Features:

  • Latest Mainline in a debian/ubuntu package.
  • Removed debian/ubuntu branding in server signature.
  • Optimized nginx.conf
  • Added additional bots/security/hardening/proxy examples in snippets/
  • Linked all builds against latest OpenSSL+quic so there is full TLS1.3 and HTTP3/QUIC support
  • Added Optimizing TLS over TCP to reduce latency (Cloudflare patch)
  • Added recommended SSL directives, should give A+ on SSLLABS
  • kTLS is available, use “modprobe tls” and add “ssl_conf_command Options KTLS;” to the http{ } block
  • Build with AIO and threading support (better performance for eg ZFS)
  • Linked against zlib-ng for faster/better data compression (native mode)
  • Compiled with -O3 and -flto to squeeze some extra % performance.
  • Compiled with TFO (TCP Fast Open), use sysctl -w net.ipv4.tcp_fastopen=3 to enable)
  • Pagespeed: Seperately build PSOL (Page Speed Optimalisation Library) per distro
  • Docker image is on the docker hub (daily rebuilds)
  • The modsecurity core ruleset (crs, from git) is repackaged on each nginx version update.
  • Couple of lua modules, also repackaged on each nginx version update
  • Patched NGINX and OpenSSL in order to support yielding operations in ssl_session_fetch_by_lua* and ssl_certificate_by_lua*

Extra NGINX modules build from git (dynamic)

Including dynamic nginx modules in the original code base:

  • libnginx-mod-http-geoip – GeoIP Stream module
  • libnginx-mod-http-image-filter – HTTP image filter module
  • libnginx-mod-http-perl – Perl module for Nginx
  • libnginx-mod-http-xslt-filter – XSLT Transformation module
  • libnginx-mod-mail – Mail module
  • libnginx-mod-stream – Stream module
  • libnginx-mod-stream-geoip – GeoIP Stream module

Standalone Libraries provided:

  • libmodsecurity3 – v3 library component for use with the NGINX connector
  • modsecurity-crs – OWASP ModSecurity Core Rule Set
  • libjemalloc2 – You need the one on my repo, it’s build for NGINX
  • libz-ng2 – zlib data compression library for the next generation systems (native mode)
  • lua-resty – A bundle of most used lua modules for libnginx-mod-http-lua
  • lua-resty-core – New FFI-based Lua API for ngx_http_lua_module and/or ngx_stream_lua_module (openresty)
  • lua-resty-lrucache -Lua-land LRU cache based on the LuaJIT FFI. (openresty)

Custom scripts:

  • reorder-modules.sh – priotize certain nginx modules in the right order, including docker support
  • cloudflare.sh – Get the Cloudflare IP’s for include in vhost with CF-Connecting-IP

Patches:

  • 0002-Make-sure-signature-stays-the-same-in-all-nginx-buil.patch (debian)
  • nginx-fix-pidfile.patch (debian)
  • nginx__1.19.4_dynamic_tls_records.patch (cloudflare)
  • nginx_hpack_push_1.25.0.patch (cloudflare)
  • nginx-1.21.4-ssl_cert_cb_yield.patch (openresty)
  • zlib-ng.patch (zlibng)