Last checked and updated on 05 Jun 2026
What Is New in NGINX 1.15
NGINX 1.15 is a mainline release that introduces several key features focused on improving control over the HTTP request/response process and enhancing proxy capabilities. This version is particularly significant for developers needing fine-grained access to the request lifecycle.
| Category | Key Changes |
|---|---|
| New Features | Mirrored requests, the post_action directive, PROXY protocol support in stream module
|
| Improvements | SSL improvements, better load balancing with the random directive,
limit_req dry run mode |
| Bug Fixes | Fixes for HTTP/2, memory management, and the proxy_cache directive |
How does request mirroring work in 1.15?
The mirror directive allows you to send a copy of the original request to another location for
processing. This is incredibly useful for shadowing traffic to a testing environment without impacting the live
response to the client.
In practice, you can use this to test new application versions with real user traffic. The mirrored requests are processed asynchronously, and any responses from the mirror location are simply discarded.
location / {
mirror /mirror;
proxy_pass http://backend;
}
location /mirror {
internal;
proxy_pass http://test_backend$request_uri;
}What can you do with the new post_action directive?
The post_action directive lets you issue a subrequest after the main request has been fully
processed and the client has received the response. This changes how you can handle logging or post-processing
tasks.
This matters because it decouples the main request from background tasks. You can now trigger cleanup operations or send analytics data without keeping the client connection open, which improves perceived performance.
Why is PROXY protocol support in stream module important?
NGINX 1.15 extended PROXY protocol support to the stream module, not just HTTP. This allows the server to receive the original client connection information (like IP address) when used behind another proxy or load balancer that uses the PROXY protocol.
For TCP and UDP load balancing, this is a game-changer. It ensures that the upstream servers see the actual client's IP address instead of the IP of the intermediate proxy, which is critical for access control and logging.
What SSL improvements were made?
This release added support for the SSL "reject_handshake" extension. It also improved compatibility with certain OpenSSL operations and fixed issues related to session resumption.
These low-level SSL tweaks enhance the stability and security of TLS connections. They help NGINX handle malformed handshakes more gracefully and interoperate better with a wider range of clients.
FAQ
Is the mirror directive suitable for duplicating traffic for analytics?
Yes, absolutely. The
mirror directive is designed for this exact use case. It sends a copy of live traffic to another
endpoint, making it perfect for feeding data into analytics pipelines, security monitoring tools, or staging
environments without affecting the primary request flow.
Does using post_action impact performance?
Since the post_action subrequest is
executed after the response is sent to the client, it has minimal impact on the main request's response time.
The performance hit is isolated to the background processing, which is generally acceptable for non-critical
tasks.
When should I use the random load balancing method?
The random load balancing
method is beneficial when you have a large number of servers and need a stateless, lightweight distribution
method. It's a simpler alternative to round-robin or least_conn when you don't need to consider server load or
connection count.
What is the dry run mode in limit_req used for?
The dry run mode
(limit_req_dry_run) allows you to test your rate limiting configuration without actually rejecting
any requests. It logs the requests that would have been limited, which is invaluable for fine-tuning your limits
before enforcing them in production.
Can I use PROXY protocol with UDP traffic in the stream module?
Yes, the extended PROXY
protocol support in the stream module applies to both TCP and UDP traffic. This allows you to preserve client
connection information for a wider range of services, like DNS or VoIP servers, that use UDP.