How to turn off gzip compression for SSL traffic

howard chen Fri, 16 Aug 2013 22:00:59 -0700

Hi,

As you know, due the breach attack (http://breachattack.com), HTTP
compression is no longer safe (I assume nginx don't use SSL compression by
default?), so we should disable it.


Now, We are using config like the following:

    gzip on;
    ..

    server {
        listen 127.0.0.1:80 default_server;
        listen 127.0.0.1:443 default_server ssl;



With the need to split into two servers section, is it possible to turn off
gzip when we are using SSL?


Thanks

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

How to turn off gzip compression for SSL traffic

Reply via email to