OpenResty® Scalable Web Platform by Extending NGINX with Lua

OpenResty XRay

Advanced observability built for OpenResty and more


limited time offer

Request TRIAL today and receive a diagnostic REPORT
Learn more
New! OpenResty is now released!
New! OpenResty is now released!
New! New blog post Introduction to OpenResty XRay Mobile Apps is published.
New! New blog post How to Use Gateway Partitions in OpenResty Edge is published.
New! New blog post Use C++ to Dynamic-Trace C++ Applications is published.

OpenResty Released

Johnny Wang , 08 Nov 2023 (created 08 Nov 2023)

OpenResty is a patch release addressing a security vulnerability in the NGINX HTTP/2 processing that could be exploited by an attacker by rapidly creating and cancelling a large number of HTTP/2 streams. This vulnerability, referred to as the HTTP/2 Rapid Reset Attack, bypasses the server's limits on concurrent streams because reset streams are processed faster than new ones can be established, thus potentially allowing an attacker to overload the server. (CVE-2023-4487)

Download this version here.

The (portable) source code distribution, the Win32/Win64 binary distributions, and the pre-built binary Linux packages for Ubuntu, Debian, Fedora, CentOS, RHEL, OpenSUSE, Amazon Linux are provided on this Download page.

This is the third OpenResty release based on the nginx 1.21.4 core.

Version highlights

  • Applied the patch for security advisory to NGINX cores (CVE-2023-44487).

Full Change logs

Complete change logs since the last (formal) release,, can be browsed in the page Change Log for 1.21.4.x.


We have run extensive testing on our Amazon EC2 test cluster and ensured that all the components (including the Nginx core) play well together. The latest test report can always be found here:

We also always run our OpenResty Edge commercial software based on the latest open source version of OpenResty in our own global CDN network (dubbed "mini CDN") powering our and websites. See for more details.

Community Support

See the Community Page.

Commercial Support

Commercial technical support and real-time noninvasive online monitoring and profiling solution is provided through the official OpenResty XRay product.


Feedback on this release is more than welcome. Feel free to create new GitHub issues or send emails to one of our mailing lists.