nginx as SSL terminating server

W. Andrew Loe III andrew at
Thu Jul 29 02:05:50 MSD 2010

Quite simply: no.

You cannot stop the first nginx from buffering requests. You can (and
should!) stop it from buffering responses with the proxy_buffering

proxy_buffering off;

I have a similar setup (minus the haproxy layer,
passenger_global_queue is good enough) and would also like to do this.
I've tried messing with the proxy buffer sizes but it doesn't seem to
make any significant difference with large uploads and opens up DoS

On Tue, Jul 27, 2010 at 12:11 PM, joshua <nginx-forum at> wrote:
> We have the following setup:
> firewall --> single nginx instance (SSL termination) --> haproxy -->
> multiple nginx/unicorn instances (via unix socket)
> Is it recommendable to turn request buffering off at the first nginx?
> Ideally things like uploads would be buffered at the final nginx
> instances. The first one is only there to terminate SSL and pass
> requests on to haproxy.
> Thanks,
> Joshua Sierles
> Posted at Nginx Forum:,113599,113599#msg-113599
> _______________________________________________
> nginx mailing list
> nginx at

More information about the nginx mailing list