<div dir="ltr">Hi,<div><br></div><div>As you know, due the breach attack (<a href="http://breachattack.com">http://breachattack.com</a>), HTTP compression is no longer safe (I assume nginx don't use SSL compression by default?), so we should disable it.</div>
<div><br></div><div>Now, We are using config like the following:</div><div><br></div><div><div> gzip on;</div><div> ..</div><div> </div><div> server {</div><div> listen <a href="http://127.0.0.1:80">127.0.0.1:80</a> default_server;</div>
<div> listen <a href="http://127.0.0.1:443">127.0.0.1:443</a> default_server ssl;</div><div> </div><div> </div></div><div><br></div><div>With the need to split into two servers section, is it possible to turn off gzip when we are using SSL?</div>
<div><br></div><div><br></div><div>Thanks</div></div>