NGINX Monitoring with Amplify | Continuous Security Scanning with Gixy

The End of NGINX Amplify

F5 (the company behind NGINX) shut down NGINX Amplify on January 31, 2026. If you were using Amplify for monitoring, you need an alternative—and GetPageSpeed Amplify is designed as a direct replacement with enhanced capabilities.

Unlike the original, GetPageSpeed Amplify includes built-in Gixy security scanning, running automated security checks on your NGINX configuration every time it changes. No more manual scans—security monitoring happens 24/7.

Migration takes under 60 seconds. If you're coming from NGINX Amplify, the agent installation is nearly identical. Your existing dashboards and alerts translate directly.

Built-in Gixy Security Scanning

GetPageSpeed Amplify doesn't just monitor performance—it continuously analyzes your NGINX configuration for security vulnerabilities using Gixy. Here's what happens automatically:

Configuration change detection — The agent watches for changes to your NGINX configs
Automatic Gixy scans — When changes are detected, Gixy runs a full security analysis
Real-time alerts — Security issues trigger immediate notifications
Dashboard visibility — View all security findings alongside performance metrics

This integration catches security issues that CI/CD pipelines might miss:

Configuration drift — Manual changes made directly on servers
Hot reloads — Changes applied without deployment pipelines
Include file changes — Modifications to files pulled via include directives

What GetPageSpeed Amplify Monitors

Beyond security scanning, Amplify provides comprehensive infrastructure monitoring:

NGINX Metrics

Requests/sec, response times, status codes, upstream health, cache hit rates

PHP-FPM

Process pools, slow requests, memory usage per pool, queue depths

Varnish Cache

Hit/miss ratios, backend health, memory utilization, ban list size

MySQL/MariaDB

Query throughput, slow queries, connections, replication lag

System Metrics

CPU, memory, disk I/O, network traffic, load averages

Security Analysis

Gixy scans, SSL certificate expiry, security header checks

Free Tier: 1 Host + Security Analysis

GetPageSpeed Amplify offers a free tier that includes:

1 monitored host — Perfect for personal projects or evaluation
Full Gixy security scanning — All 30+ security checks included
7-day metrics retention — Enough for trend analysis
Email alerts — Get notified of security issues immediately

Paid tiers add more hosts, longer retention, and advanced features like custom dashboards and Slack/PagerDuty integrations.

Quick Start Installation

Installing the Amplify agent takes under a minute. Run this on your server:

Install Agent
# Download and run the installer
curl -sS https://amplify.getpagespeed.com/install | sudo bash

# The installer will:
# 1. Detect your OS (RHEL/Rocky/Alma, Ubuntu, Debian)
# 2. Install the amplify-agent package
# 3. Configure the agent with your API key
# 4. Start the service

After installation, the agent immediately begins:

Collecting system and NGINX metrics
Running an initial Gixy security scan
Reporting to the Amplify dashboard

Verify Installation
# Check agent status
sudo systemctl status amplify-agent

# View recent logs
sudo journalctl -u amplify-agent -n 50

# Trigger a manual security scan
sudo amplify-agent --scan-now

Viewing Security Results

The Amplify dashboard shows Gixy findings alongside your infrastructure metrics. Each security issue includes:

Severity level — HIGH, MEDIUM, or LOW
Affected file and line — Exact location of the issue
Description — What the vulnerability is and why it matters
Remediation — How to fix the configuration

You can also access security findings via the API for integration with other tools:

API Example
# Fetch security findings for a host
curl -H "Authorization: Bearer $AMPLIFY_TOKEN" \
  "https://api.amplify.getpagespeed.com/v1/hosts/HOST_ID/security"

# Response includes all Gixy findings
{
  "scan_time": "2026-02-17T10:30:00Z",
  "findings": [
    {
      "plugin": "ssrf",
      "severity": "HIGH",
      "file": "/etc/nginx/conf.d/proxy.conf",
      "line": 12,
      "message": "Unsafe variable $host in proxy_pass"
    }
  ]
}

CI/CD + Continuous Monitoring: Complete Coverage

Running Gixy in CI/CD (see our CI/CD Integration Guide) catches issues before deployment. But what about:

Emergency fixes applied directly to production?
Configuration changes by other team members?
Drift between your Git repo and actual server state?

GetPageSpeed Amplify closes this gap. CI/CD validates your intended configuration; Amplify validates what's actually running. Together, they provide complete security coverage.

Best Practice: Use Gixy in CI/CD to block insecure deployments, and Amplify for continuous monitoring to catch everything else. The same Gixy engine powers both, ensuring consistent security standards.

Migrating from NGINX Amplify

If you were using F5's NGINX Amplify before the shutdown, migration is straightforward:

Remove the old agent — sudo apt remove nginx-amplify-agent or sudo yum remove nginx-amplify-agent
Install GetPageSpeed agent — Use the curl command above
Verify metrics — Check the dashboard within 2-3 minutes

Your metrics collection resumes immediately. You'll also start seeing Gixy security findings—a feature the original Amplify never had.

Start Monitoring Your NGINX

Free tier includes 1 host with full Gixy security scanning. No credit card required.

Get Started Free →

Continuous NGINX Monitoring with GetPageSpeed Amplify