this nginx version is outdated and dangerous. Got DoS attacked!

Question

this nginx version is outdated and dangerous. Got DoS attacked!

Closed this issue 6 years ago · 4 comments

This nginx version is not up to date.
We got DoS attacked today by this http/2 issue https://news.softpedia.com/news/nginx-security-issues-expose-more-than-14-million-servers-to-dos-attacks-523659.shtml

I really loved your modularity approach but this all means nothing when we can get attacked. Really sad I loose brotli and Google pagespeed for my old sites now :(

Seems the only good way to keep nginx with features is to compile it yourself (I hate this route ... I want to install stuff not custom compile it).

Answer 1 · 2018-11-13T17:21:52.000Z

I had some issues, but hope it would be updated soon. Unfortunately my last attempts (about 8 month ago) to do updates automatic with script failed, since modules need manual patching too freq.

Answer 2 · 2018-11-24T14:24:36.000Z

Help with update is welcome: #28

Answer 3 · 2018-11-24T19:01:34.000Z

Closed in cae5a1f

Answer 4 · 2018-11-29T11:11:17.000Z

amazing @cryptofuture thanks a lot!