Web Server

Nginx Releases

Q: Should I use Nginx mainline or stable in production?

The Nginx team officially recommends mainline for most users. Mainline gets all bug fixes, security patches, and new features first. Stable only receives critical bug fixes and security patches, and new features never backport. The "stable" label means the API is stable, not that it is more reliable. Most distro packages (Ubuntu, Debian) ship stable by default, which is why many teams end up on it, but if you manage your own packages, mainline is the better choice.

Q: How does Nginx versioning work?

Nginx uses odd/even minor version numbering. Odd minor versions (1.25, 1.27) are mainline (development). Even minor versions (1.26, 1.28) are stable, forked from the previous mainline when it is considered ready. Patch versions within each branch are sequential. There is no formal EOL policy: old branches simply stop receiving updates when the next branch starts.

Q: Does Nginx support HTTP/3 and QUIC?

Yes. Experimental QUIC support landed in Nginx 1.25.0 (mainline) in May 2023 and stabilized in 1.26.0 (stable). You need to compile with --with-http_v3_module or use the quic packages from nginx.org. HTTP/3 requires TLS 1.3 and typically uses UDP port 443. Major CDNs (Cloudflare, AWS CloudFront) already handle QUIC at the edge, so enabling it on your origin is only useful for direct client connections.

Q: What is the difference between Nginx OSS and Nginx Plus?

Nginx OSS is the free open-source web server. Nginx Plus (from F5 Networks) adds commercial features: active health checks, session persistence, JWT auth, dynamic reconfiguration API, live activity monitoring dashboard, and official support. Pricing starts around $2,500/year per instance. For most use cases, OSS with community modules is sufficient.

Q: How do I upgrade Nginx safely?

Nginx supports binary upgrades without downtime using its master/worker architecture. Send USR2 to the master process to start a new master with the updated binary, then WINCH to gracefully shut down old workers. On systemd systems, a simple package update and systemctl reload usually suffices. Always test your config with nginx -t before reloading.

Q: Is Nginx being replaced by newer proxies?

Nginx still powers roughly 35% of all websites (Netcraft, 2025) and remains the default choice for most production deployments. Newer proxies like Envoy, Traefik, and Caddy have carved out niches (Envoy for service mesh, Traefik for container auto-discovery, Caddy for automatic HTTPS), but Nginx dominance in general web serving and reverse proxying is not threatened. Its performance, maturity, and documentation depth are unmatched.

Track every Nginx release across mainline and stable branches. Version lifecycle, HTTP/3 and QUIC support timeline, security patch cadence, and production upgrade guidance.

Official Site Documentation

—

Total Versions

—

Supported

—

Latest

Version Timeline

All tracked releases with lifecycle status and EOL dates.

Loading version data…

Lifecycle Timeline

Visual overview of active support and maintenance windows.

1.22 stable

1.23 mainline

1.24 stable

1.25 mainline

1.26 stable

1.27 mainline

1.28 stable

2021 2022 2023 2024 2025 2026 2027 2028

Active

Maint

Active

Maint

Active

Maint

Active

Maint

Active / LTS

Maintenance

Today

Upgrade Paths

Migration guidance between major versions — breaking changes, effort estimates, and tips.

1.22/1.24 stable 1.26 stable Low Difficulty

Est. < 30 minutes

Breaking Changes

HTTP/3 (QUIC) module now available (opt-in)
OpenSSL 3.0+ recommended for full TLS 1.3 / QUIC support
Deprecated listen parameters removed in some configurations
Updated default cipher suite ordering

Migration Notes

Stable-to-stable upgrades are almost always seamless. Run nginx -t against your existing config, update the package, reload. The only risk is if you relied on deprecated directives that were finally removed. HTTP/3 is available but not enabled by default.

1.26 stable 1.27 mainline Low Difficulty

Est. < 30 minutes

Breaking Changes

Mainline includes experimental features that may change
New directives for enhanced stream processing
Updated upstream health check behavior

Migration Notes

Moving from stable to mainline is straightforward. Same config syntax, same module API. The main consideration is that mainline receives more frequent updates (roughly monthly), so plan for regular patching.

1.x (any) Nginx Plus Medium Difficulty

Est. 1-2 hours + licensing

Breaking Changes

Different package repositories and licensing
Plus-specific directives for health checks, JWT, etc.
Configuration API (dynamic upstream management)
Monitoring dashboard setup

Migration Notes

Your existing config works as-is on Plus. The upgrade is more about licensing and adding Plus-specific features incrementally. F5 provides migration guides and support.

Version Risk Assessment

Evaluate risk factors before choosing a version for production.

Version	EOL Risk	CVE Risk	Ecosystem	Cloud Support	Overall	Recommended Action
Nginx 1.22 and older	Critical	High	Abandoned	Varies	Critical	No patches — upgrade to 1.26+ immediately
Nginx 1.24 stable	High	Medium	Unsupported	Full	High	Superseded by 1.26 — upgrade soon
Nginx 1.25 mainline	High	Medium	Unsupported	Full	High	Superseded by 1.27 mainline
Nginx 1.26 stable	Low	Low	Active	Full	Low	Current stable — recommended for production
Nginx 1.27 mainline	Low	Low	Active	Full	Low	Current mainline — latest features

Nginx does not publish formal EOL dates. Risk is based on how far behind the current branch a version is. Older branches stop receiving any patches, including security fixes.

Nginx Version Feature Comparison

Side-by-side feature differences across major versions.

Feature	1.22	1.24	1.25	1.26	1.27
HTTP/3 (QUIC)	No	No	Experimental	Stable	Stable
OpenSSL 3.x support	Partial	Full	Full	Full	Full
PCRE2 support	Optional	Default	Default	Default	Default
Virtual server SNI	Basic	Improved	Improved	Enhanced	Enhanced
Stream (TCP/UDP) proxy	Stable	Stable	Stable	Enhanced	Enhanced
gRPC proxying	Stable	Stable	Stable	Stable	Stable
Mirror module	Stable	Stable	Stable	Stable	Stable
OTEL tracing	No	No	Experimental	Stable	Enhanced
Upstream zone improvements	Basic	Basic	Improved	Improved	Enhanced

Embed Badges

Add live Nginx status badges to your README, docs, or dashboard.

Health Status

Overall support health

![Nginx Health Status](https://img.releaserun.com/badge/health/nginx.svg)

EOL Countdown

Next end-of-life date

![Nginx EOL Countdown](https://img.releaserun.com/badge/eol/nginx.svg)

Latest Version

Current stable release

![Nginx Latest Version](https://img.releaserun.com/badge/v/nginx.svg)

CVE Status

Known vulnerabilities

![Nginx CVE Status](https://img.releaserun.com/badge/cve/nginx.svg)

Frequently Asked Questions

Common questions about Nginx releases and lifecycle.

Should I use Nginx mainline or stable in production?

The Nginx team officially recommends mainline for most users. Mainline gets all bug fixes, security patches, and new features first. Stable only receives critical bug fixes and security patches, and new features never backport. The "stable" label means the API is stable, not that it is more reliable. Most distro packages (Ubuntu, Debian) ship stable by default, which is why many teams end up on it, but if you manage your own packages, mainline is the better choice.

How does Nginx versioning work?

Nginx uses odd/even minor version numbering. Odd minor versions (1.25, 1.27) are mainline (development). Even minor versions (1.26, 1.28) are stable, forked from the previous mainline when it is considered ready. Patch versions within each branch are sequential. There is no formal EOL policy: old branches simply stop receiving updates when the next branch starts.

Does Nginx support HTTP/3 and QUIC?

Yes. Experimental QUIC support landed in Nginx 1.25.0 (mainline) in May 2023 and stabilized in 1.26.0 (stable). You need to compile with --with-http_v3_module or use the quic packages from nginx.org. HTTP/3 requires TLS 1.3 and typically uses UDP port 443. Major CDNs (Cloudflare, AWS CloudFront) already handle QUIC at the edge, so enabling it on your origin is only useful for direct client connections.

What is the difference between Nginx OSS and Nginx Plus?

Nginx OSS is the free open-source web server. Nginx Plus (from F5 Networks) adds commercial features: active health checks, session persistence, JWT auth, dynamic reconfiguration API, live activity monitoring dashboard, and official support. Pricing starts around $2,500/year per instance. For most use cases, OSS with community modules is sufficient.

How do I upgrade Nginx safely?

Nginx supports binary upgrades without downtime using its master/worker architecture. Send USR2 to the master process to start a new master with the updated binary, then WINCH to gracefully shut down old workers. On systemd systems, a simple package update and systemctl reload usually suffices. Always test your config with nginx -t before reloading.

Is Nginx being replaced by newer proxies?

Nginx still powers roughly 35% of all websites (Netcraft, 2025) and remains the default choice for most production deployments. Newer proxies like Envoy, Traefik, and Caddy have carved out niches (Envoy for service mesh, Traefik for container auto-discovery, Caddy for automatic HTTPS), but Nginx dominance in general web serving and reverse proxying is not threatened. Its performance, maturity, and documentation depth are unmatched.

Related Tools

Dep EOL Scanner

Check your dependencies for end-of-life packages.

Stack Health Scorecard

Get an overall health grade for your tech stack.

Release Index

Browse all tracked platforms and their release timelines.

Browse All Version History