Kong 0.10.3 has been released with a few security fixes and performance improvements, and we recommend to upgrade:
Performance has been improved when using the rate-limiting plugin, also reducing the load on the counter datastore.
Kong now supports Mutual SSL security between Kong and the final APIs with the “proxy_ssl_certificate” and “proxy_ssl_certificate_key” configuration properties.
Fixed a bug (introduced in 0.10.0) that prevented Key Authentication credentials to be sent in the request body.
OAuth 2.0 Client Application is checked when refreshing an Access Token.
DNS resolution performance has been improved under certain conditions.
And much more in the changelog.
Kong 0.10.2 has been released and we highly recommend to upgrade. We’d like to highlight a few important features and fixes it introduces.
A new request-termination plugin, which comes handy when you need to temporarily disable an API or block a Consumer. This plugin was generously contributed by Paul Austin.
Plugins can now implement a new ‘rewrite()’ handler function, which is a hook in the Nginx phase bearing the same name.
Kong does not unconditionally append a trailing slash to the URL of your upstream services anymore.
Ability to hide Kong headers in responses.
And much more in