<div dir="ltr">I think you mistake ssl/tls level compression with gzip http compression, both are different.<div><br></div><div>If you put gzip in http section, all server sections under this http will inherits this gzip config.</div>
<div><br></div><div>This is why Igor recommends you to split the server config for SSL and non-SSL, and put 'gzip on' only at the non-SSL one.</div><div><br></div><div><br></div></div><div class="gmail_extra"><br>
<br><div class="gmail_quote">On Mon, Aug 19, 2013 at 12:15 AM, Jonathan Matthews <span dir="ltr"><<a href="mailto:contact@jpluscplusm.com" target="_blank">contact@jpluscplusm.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div class="im">On 18 August 2013 18:09, itpp2012 <<a href="mailto:nginx-forum@nginx.us">nginx-forum@nginx.us</a>> wrote:<br>
> Igor Sysoev Wrote:<br>
> -------------------------------------------------------<br>
>> Yes, modern nginx versions do not use SSL compression.<br>
> [...]<br>
>> You have to split the dual mode server section into two server server<br>
>> sections and set "gzip off"<br>
>> SSL-enabled on. There is no way to disable gzip in dual mode server<br>
>> section, but if you really<br>
>> worry about security in general the server sections should be<br>
>> different.<br>
><br>
> If modern versions do not use ssl compression why split a dual mode server?<br>
> If gzip is on in the http section, what happens then to the ssl section of a<br>
> dual mode server?<br>
<br>
</div>+1<br>
<div class="HOEnZb"><div class="h5"><br>
_______________________________________________<br>
nginx mailing list<br>
<a href="mailto:nginx@nginx.org">nginx@nginx.org</a><br>
<a href="http://mailman.nginx.org/mailman/listinfo/nginx" target="_blank">http://mailman.nginx.org/mailman/listinfo/nginx</a><br>
</div></div></blockquote></div><br><br clear="all"><div><br></div>-- <br>regards,<br>Nurahmadie<br>--<br>
</div>