News & Updates

Nginx 1.31.0 (mainline) and 1.30.1 (stable) have been released with fixes for 6 security vulnerabilities. All three Centmin Mod branches (132.00stable, 140.00beta01, 141.00beta01) have been updated to Nginx 1.31.0 as the new default.

CVEs addressed:

• CVE-2026-42945 — Heap buffer overflow in ngx_http_rewrite_module (potential code execution)
• CVE-2026-42926 — HTTP/2 request injection via proxy_set_body
• CVE-2026-42946 — Heap buffer overread in SCGI/uWSGI modules
• CVE-2026-42934 — Heap buffer overread in UTF-8 charset decoding
• CVE-2026-40460 — QUIC address spoofing via connection migration
• CVE-2026-40701 — Use-after-free in DNS OCSP processing

To update, run cmupdate and then centmin.sh menu option 4 to recompile Nginx. Or instead of cmupdate, update your local code first via centmin.sh menu option 23 submenu option 2 and then centmin.sh menu option 4 to recompile Nginx. See the Nginx Upgrade / Downgrade guide and the forum announcement for more info.

After over a decade running on the same design, the Centmin Mod website has been rebuilt from the ground up. The old site served us well, but it was showing its age — hard to read on phones, no dark mode, and documentation scattered across forum threads instead of being front and center on the site itself.

The new site fixes all of that. Every page now works properly on mobile, tablet, and desktop. There's a dark mode that follows your system preference or can be toggled manually. And most importantly, the documentation has been massively expanded with dedicated pages covering every major Centmin Mod feature in detail.

Here's what's new:

• Over 50 documentation pages covering Nginx, PHP-FPM, MariaDB, SSL, firewalls, email, backups, and more
• A comprehensive Menu Option 21 Data Management guide for backups, migrations, and S3 transfers
• Improved installation instructions with step-by-step walkthroughs for AlmaLinux and Rocky Linux
• An AI-powered search (press Cmd+K or click the search bar) that actually understands what you're looking for
• An AI chatbot assistant that can answer technical questions about Centmin Mod configuration and troubleshooting
• This live news feed you're reading right now, which automatically pulls the latest announcements from the community forums

The community forums remain the best place for support, bug reports, and discussions. The site and forums work together — the site provides the documentation and guides, while the forums handle the conversations and troubleshooting that need back-and-forth discussion.

If you spot any issues with the new site or have suggestions, feel free to post in the feedback and suggestions forum.

Centmin Mod 131.00stable and 140.00beta01 have been released with full AlmaLinux and Rocky Linux support.

Centmin Mod 130.00beta01 has opened public beta testing for AlmaLinux 8 and Rocky Linux 8 support and the AlmaLinux 8 & Rocky Linux 8 Beta Testing forum is now viewable. You can see an example AlmaLinux 8 based install on DigitalOcean droplet KVM VPS.

Centmin Mod 124.00stable & 130.00beta01 have been released.

Latest Centmin Mod 123.09beta01's Nginx 1.15.3+ now supports TLS v1.3 with two cryptographic libraries that can be built with Centmin Mod Nginx. Instructions for Nginx compiled with either BoringSSL or OpenSSL 1.1.1.

• For Centmin Mod Nginx with BoringSSL based TLS 1.3, see Enabling BoringSSL TLS v1.3. For Nginx 1.15.3 + BoringSSL TLS 1.3 with 0-RTT Early Data resumption.
• For Centmin Mod Nginx with OpenSSL 1.1.1 based TLS 1.3, see OpenSSL 1.1.1 Released with TLS 1.3 Support.

Akamai is sponsoring OpenSSL TLS 1.3 development for release in OpenSSL 1.1.0 branch which is an OpenSSL branch optionally supported by Centmin Mod 123.09beta01's Nginx 1.11 setup where you can switch between default Nginx 1.11 + LibreSSL crypto library and Nginx 1.11 + OpenSSL 1.0.2/1.1 branches (with BoringSSL support in development as well).

Updated both Centmin Mod 1.2.3-eva2000.08 stable and 1.2.3-eva2000.09 beta01 branches for Nginx 1.11.6 defaults & compatibility fixes for OpenResty Nginx Modules. For existing users, use centmin.sh menu option 4 to update Nginx. Update your local code via centmin.sh menu option 23 submenu option 2 first.

Updated both Centmin Mod stable and beta branches for Nginx 1.11.1 defaults for security updates (CVE-2016-4450). Use centmin.sh menu option 4 to update Nginx.

Centmin Mod LEMP stack users have 3 security updates for ImageMagick, OpenSSL & LibreSSL.

Centmin Mod 1.2.3-eva2000.09 beta01 branch has many improvements and new features added. A change log can be viewed on the forum. To try a test install or update, follow instructions in the official thread.

Updated both Centmin Mod stable and beta branches for Nginx 1.9.12 incompatibility with LibreSSL. Switched back to Nginx compiled against OpenSSL 1.0.2f and higher.

Updated both Centmin Mod stable and beta branches for Nginx PageSpeed Module 1.9.32.13 beta release.

Updated both stable and beta branches for Nginx 1.9.10 security fixes CVE-2016-0742, CVE-2016-0746, and CVE-2016-0747. Use centmin.sh menu option 4 to update Nginx.

Updated both stable and beta branches for official PHP 7.0 GA release supported downloads. PHP version 7.0.0+ on centmin.sh menu option 5 now downloads from official php.net hosted source tarball files.

Updated both stable and beta branches for Nginx 1.9.5 default with new HTTP/2 protocol support which replaces SPDY/3.1. Full details at Nginx 1.9.5 released with HTTP/2 support officially.

Updated Nginx Configuration page with two new listings for Laravel 5.1 Nginx install and for Centmin Mod centmin.sh menu option 22 auto WordPress installation.

Centmin Mod 1.2.3-eva2000.09 beta testing has begun. Nginx HTTP/2 page and HTTP/1.1 vs HTTP/2 benchmarks have been added. The first major addition is support for Nginx's new HTTP/2 alpha patch which supports ALPN TLS extensions.

Centmin Mod 1.2.3-eva2000.08 stable release has been updated to support CentOS 6.7 release. To update, use the new centmin.sh menu option 23 explained on the upgrade page.

Centmin Mod 1.2.3-eva2000.08 stable release is finally here after 12+ months of development work! New centmin.sh menu options 22 and 23 added. Check out the full change log or jump straight into installation.