On Aug 7, 2013, at 1:48 , Jonathan Vanasco wrote: > are there any official recommendations from nginx to safeguard against the > BREACH exploit ? > > http://breachattack.com/ > > http://arstechnica.com/security/2013/08/gone-in-30-seconds-new-attack-plucks-secrets-from-https-protected-pages/
"gzip off" от SSL-enabled sites. -- Igor Sysoev http://nginx.com/services.html _______________________________________________ nginx mailing list nginx@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx