[DOC] Guide to Nginx + SSL + SPDY

Paul N. Pace paulnpace at gmail.com
Mon Sep 9 19:38:01 UTC 2013

We had a discussion on this list recently about using gzip in the SSL block.

On Aug 17 Igor Sysoev wrote:
>You have to split the dual mode server section into two server server sections and set "gzip off"
>SSL-enabled on. There is no way to disable gzip in dual mode server section, but if you really
>worry about security in general the server sections should be different.

On Sun, Sep 8, 2013 at 10:50 AM, mex <nginx-forum at nginx.us> wrote:
> hi list,
> i recently had to dig deeper into nginx + ssl-setup and came up with a
> short documentation on how to setup and run nginx as SSL-Gateway/Offload,
> including SPDY. beside basic configuration this guide covers HSTS-Headers,
> Perfect Forward Secrecy(PFS) and the latest and greatest ssl-based attacks
> like
> CRIME, BEAST, and Lucky Thirteen.
> Link:  http://www.mare-system.de/blog/page/1378546400/
> the reason for this 321th guide to nginx+ssl: i did not found any valid
> source that covers all aspects, including spdy and hsts, so i made this
> collection and will keep it updated.
> comments and critics appreciated
> regards,
> mex
> Posted at Nginx Forum: http://forum.nginx.org/read.php?2,242672,242672#msg-242672
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx

More information about the nginx mailing list