How to turn off gzip compression for SSL traffic
howard chen
howachen at gmail.com
Sat Aug 17 04:59:30 UTC 2013
Hi,
As you know, due the breach attack (http://breachattack.com), HTTP
compression is no longer safe (I assume nginx don't use SSL compression by
default?), so we should disable it.
Now, We are using config like the following:
gzip on;
..
server {
listen 127.0.0.1:80 default_server;
listen 127.0.0.1:443 default_server ssl;
With the need to split into two servers section, is it possible to turn off
gzip when we are using SSL?
Thanks
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20130817/870f401b/attachment.html>
More information about the nginx
mailing list