Angie 1.7.0: Nginx fork with improved DoS protection

[Friend]

Angie developers have introduced a new version of their web server.

On September 19, 2024, Web Server released a new version of its Angie 1.7.0 web server, a fork of the popular Nginx. The main focus of this release is to strengthen protection against DoS attacks, improve the work with proxy connections, and optimize the build process. The version is distributed under the BSD license, and a commercial version of Angie PRO 1.7.0 is also available.

Key features in Angie 1.7.0:

• Forced closure of connections. New directives (proxy_connection_drop, grpc_connection_drop, and others) have been added to disable connections to proxy servers after they are excluded from the group.
• Improved resolver statistics. Separate counters have been introduced for different types of DNS queries sent through the status_zone directive.
• New SSL variables. Added a variable $ssl_server_cert_type to display the type of TLS connection certificate.
• Setting up a PID file. You can now disable the creation of a PID file using the off option, which is especially useful for immutable images and process manager management.

Protection against DoS attacks and logging optimization:

• The frequency of error logging in syslog is limited to one message per second.
• In the mail proxy server, it is now possible to set the maximum number of commands during the authentication process to protect against attacks.
• Restrictions on passing empty strings and invalid headers in HTTP/1.x have been introduced.

Also updated the angie-module-opentracing modules to version 0.36.0 and angie-module-lua to version 0.10.27, and made adjustments to the MIME types in the server configuration.

Source