How to turn off gzip compression for SSL traffic

B.R. reallfqq-nginx at
Sun Aug 18 21:12:26 UTC 2013


On Sun, Aug 18, 2013 at 4:48 PM, itpp2012 <nginx-forum at> wrote:

> I think we could all benefit from a nginx recommendation on using gzip with
> single and dual mode server sections regarding a hardening approach against
> breach. Maxim?

​As Igor advised, 2 different servers to server HTTP & HTTPS requests are

server {
    listen 80;

    include inter.net_shared_http_https_content.conf
    # Conf specific to HTTP content delivery here

server {
    listen 443;

    include inter.net_shared_http_https_content.conf
    # Conf specific to HTTPS content delivery here

If you read the conf for the gzip directive, you'd notice that gzip
directive default value is 'off', so if you don't mention 'gzip on'
anywhere in your conf tree for the considered servers, there'll be no HTTP
Thus, if you kept your server configuration minimal and didn't explicitely
activated gzip compression somewhere, you are safe by default.

You couldn't be safier as the only way you are exposed would it be due to a
lack of control/understanding of directives *you explicitely put* into your
server(s) configuration.
*B. R.*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the nginx mailing list