How to turn off gzip compression for SSL traffic

Igor Sysoev igor at
Sat Aug 17 12:43:51 UTC 2013

On Aug 17, 2013, at 8:59 , howard chen wrote:

> Hi,
> As you know, due the breach attack (, HTTP compression is no longer safe (I assume nginx don't use SSL compression by default?), so we should disable it.

Yes, modern nginx versions do not use SSL compression.

> Now, We are using config like the following:
>     gzip on;
>     ..
>     server {
>         listen default_server;
>         listen default_server ssl;
> With the need to split into two servers section, is it possible to turn off gzip when we are using SSL?

You have to split the dual mode server section into two server server sections and set "gzip off"
SSL-enabled on. There is no way to disable gzip in dual mode server section, but if you really
worry about security in general the server sections should be different.

Igor Sysoev

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the nginx mailing list