|
|
9f2907 |
#############
|
|
|
9f2907 |
Upgrade notes
|
|
|
9f2907 |
#############
|
|
|
9f2907 |
|
|
|
9f2907 |
To resolve numerous security flaws, the nginx package was updated to 1.10.x.
|
|
|
9f2907 |
|
|
|
9f2907 |
You should review your configuration files in /etc/nginx to determine if there
|
|
|
9f2907 |
are any incompatibilities. Below is a summary of the main incompatible changes.
|
|
|
9f2907 |
Some nginx directives have been changed or removed, so you may need to modify
|
|
|
9f2907 |
your configuration.
|
|
|
9f2907 |
|
|
|
9f2907 |
Please see upstream release notes for a complete list of new features,
|
|
|
9f2907 |
bug fixes, and changes: http://nginx.org/en/CHANGES-1.10
|
|
|
9f2907 |
One notable feature is support for HTTP/2.
|
|
|
9f2907 |
|
|
|
9f2907 |
Nginx gained support for dynamic modules. As part of this update, dynamic
|
|
|
9f2907 |
modules have been split into subpackages. For the time being these are hard
|
|
|
9f2907 |
dependencies to aid the upgrade path. When you install nginx, all of these
|
|
|
9f2907 |
modules are installed and enabled by default:
|
|
|
9f2907 |
- nginx-mod-http-geoip
|
|
|
9f2907 |
- nginx-mod-http-image-filter
|
|
|
9f2907 |
- nginx-mod-http-perl
|
|
|
9f2907 |
- nginx-mod-http-xslt-filter
|
|
|
9f2907 |
- nginx-mod-mail
|
|
|
9f2907 |
- nginx-mod-stream
|
|
|
9f2907 |
|
|
|
9f2907 |
Changes with nginx 1.10.x
|
|
|
9f2907 |
|
|
|
9f2907 |
*) Change: non-idempotent requests (POST, LOCK, PATCH) are no longer
|
|
|
9f2907 |
passed to the next server by default if a request has been sent to a
|
|
|
9f2907 |
backend; the "non_idempotent" parameter of the "proxy_next_upstream"
|
|
|
9f2907 |
directive explicitly allows retrying such requests.
|
|
|
9f2907 |
|
|
|
9f2907 |
*) Change: now the "output_buffers" directive uses two buffers by
|
|
|
9f2907 |
default.
|
|
|
9f2907 |
|
|
|
9f2907 |
*) Change: now nginx limits subrequests recursion, not simultaneous
|
|
|
9f2907 |
subrequests.
|
|
|
9f2907 |
|
|
|
9f2907 |
*) Change: now nginx checks the whole cache key when returning a
|
|
|
9f2907 |
response from cache.
|
|
|
9f2907 |
Thanks to Gena Makhomed and Sergey Brester.
|
|
|
9f2907 |
|
|
|
9f2907 |
*) Change: the "proxy_downstream_buffer" and "proxy_upstream_buffer"
|
|
|
9f2907 |
directives of the stream module are replaced with the
|
|
|
9f2907 |
"proxy_buffer_size" directive.
|
|
|
9f2907 |
|
|
|
9f2907 |
*) Change: duplicate "http", "mail", and "stream" blocks are now
|
|
|
9f2907 |
disallowed.
|
|
|
9f2907 |
|
|
|
9f2907 |
*) Change: now SSLv3 protocol is disabled by default.
|
|
|
9f2907 |
|
|
|
9f2907 |
*) Change: some long deprecated directives are not supported anymore.
|
|
|
9f2907 |
|
|
|
9f2907 |
*) Change: obsolete aio and rtsig event methods have been removed.
|
|
|
9f2907 |
|
|
|
9f2907 |
Changes with nginx 1.8.x
|
|
|
9f2907 |
|
|
|
9f2907 |
*) Change: the "sendfile" parameter of the "aio" directive is
|
|
|
9f2907 |
deprecated; now nginx automatically uses AIO to pre-load data for
|
|
|
9f2907 |
sendfile if both "aio" and "sendfile" directives are used.
|
|
|
9f2907 |
|
|
|
9f2907 |
*) Change: now the "If-Modified-Since", "If-Range", etc. client request
|
|
|
9f2907 |
header lines are passed to a backend while caching if nginx knows in
|
|
|
9f2907 |
advance that the response will not be cached (e.g., when using
|
|
|
9f2907 |
proxy_cache_min_uses).
|
|
|
9f2907 |
|
|
|
9f2907 |
*) Change: now after proxy_cache_lock_timeout nginx sends a request to a
|
|
|
9f2907 |
backend with caching disabled; the new directives
|
|
|
9f2907 |
"proxy_cache_lock_age", "fastcgi_cache_lock_age",
|
|
|
9f2907 |
"scgi_cache_lock_age", and "uwsgi_cache_lock_age" specify a time
|
|
|
9f2907 |
after which the lock will be released and another attempt to cache a
|
|
|
9f2907 |
response will be made.
|
|
|
9f2907 |
|
|
|
9f2907 |
*) Change: the "log_format" directive can now be used only at http
|
|
|
9f2907 |
level.
|
|
|
9f2907 |
|
|
|
9f2907 |
*) Change: now nginx takes into account the "Vary" header line in a
|
|
|
9f2907 |
backend response while caching.
|
|
|
9f2907 |
|
|
|
9f2907 |
*) Change: the deprecated "limit_zone" directive is not supported
|
|
|
9f2907 |
anymore.
|
|
|
9f2907 |
|
|
|
9f2907 |
*) Change: now the "stub_status" directive does not require a parameter.
|
|
|
9f2907 |
|
|
|
9f2907 |
*) Change: URI escaping now uses uppercase hexadecimal digits.
|
|
|
9f2907 |
Thanks to Piotr Sikora.
|
|
|
9f2907 |
|