Welcome! Log In Create A New Profile

Advanced

Re: How to turn off gzip compression for SSL traffic

B.R.
August 18, 2013 05:14PM
Hello,

On Sun, Aug 18, 2013 at 4:48 PM, itpp2012 <nginx-forum@nginx.us> wrote:

> I think we could all benefit from a nginx recommendation on using gzip with
> single and dual mode server sections regarding a hardening approach against
> breach. Maxim?
>

​As Igor advised, 2 different servers to server HTTP & HTTPS requests are
preferred:

server {
listen 80;
server_name inter.net

include inter.net_shared_http_https_content.conf
# Conf specific to HTTP content delivery here
}

server {
listen 443;
server_name inter.net

include inter.net_shared_http_https_content.conf
# Conf specific to HTTPS content delivery here
}

If you read the conf for the gzip directive, you'd notice that gzip
directive default value is 'off', so if you don't mention 'gzip on'
anywhere in your conf tree for the considered servers, there'll be no HTTP
compression.
Thus, if you kept your server configuration minimal and didn't explicitely
activated gzip compression somewhere, you are safe by default.

You couldn't be safier as the only way you are exposed would it be due to a
lack of control/understanding of directives *you explicitely put* into your
server(s) configuration.
---
*B. R.*
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Subject Author Posted

How to turn off gzip compression for SSL traffic

howard chen August 17, 2013 01:00AM

Re: How to turn off gzip compression for SSL traffic

Igor Sysoev August 17, 2013 08:46AM

Re: How to turn off gzip compression for SSL traffic

howard chen August 18, 2013 06:28AM

Re: How to turn off gzip compression for SSL traffic

Bob S. August 18, 2013 09:04AM

Re: How to turn off gzip compression for SSL traffic

Igor Sysoev August 19, 2013 12:44AM

Re: How to turn off gzip compression for SSL traffic

itpp2012 August 18, 2013 01:09PM

Re: How to turn off gzip compression for SSL traffic

Jonathan Matthews August 18, 2013 01:16PM

Re: How to turn off gzip compression for SSL traffic

Adie Nurahmadie August 18, 2013 01:48PM

Re: How to turn off gzip compression for SSL traffic

B.R. August 18, 2013 02:58PM

Re: How to turn off gzip compression for SSL traffic

openletter August 18, 2013 03:34PM

Re: How to turn off gzip compression for SSL traffic

openletter August 18, 2013 03:38PM

Re: How to turn off gzip compression for SSL traffic

itpp2012 August 18, 2013 04:48PM

Re: How to turn off gzip compression for SSL traffic

B.R. August 18, 2013 05:14PM

Re: How to turn off gzip compression for SSL traffic

Igor Sysoev August 19, 2013 12:44AM

Re: How to turn off gzip compression for SSL traffic

B.R. August 19, 2013 01:58AM

Re: How to turn off gzip compression for SSL traffic

Igor Sysoev August 19, 2013 02:06AM

Re: How to turn off gzip compression for SSL traffic

B.R. August 19, 2013 11:48AM

Re: How to turn off gzip compression for SSL traffic

rmalayter August 20, 2013 05:12PM

Re: How to turn off gzip compression for SSL traffic

B.R. August 20, 2013 06:26PM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 175
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 500 on July 15, 2024
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready