Welcome! Log In Create A New Profile

Advanced

Re: How to turn off gzip compression for SSL traffic

August 19, 2013 12:44AM
On Aug 18, 2013, at 21:09 , itpp2012 wrote:

> Igor Sysoev Wrote:
> -------------------------------------------------------
>> Yes, modern nginx versions do not use SSL compression.
> [...]
>> You have to split the dual mode server section into two server server
>> sections and set "gzip off"
>> SSL-enabled on. There is no way to disable gzip in dual mode server
>> section, but if you really
>> worry about security in general the server sections should be
>> different.
>
> If modern versions do not use ssl compression why split a dual mode server?
> If gzip is on in the http section, what happens then to the ssl section of a
> dual mode server?

These are different vulnerabilities: SSL compression is subject to
CRIME vulnerability while HTTP/SSL compression is subject to BREACH
vulnerability.


--
Igor Sysoev
http://nginx.com/services.html

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Subject Author Posted

How to turn off gzip compression for SSL traffic

howard chen August 17, 2013 01:00AM

Re: How to turn off gzip compression for SSL traffic

Igor Sysoev August 17, 2013 08:46AM

Re: How to turn off gzip compression for SSL traffic

howard chen August 18, 2013 06:28AM

Re: How to turn off gzip compression for SSL traffic

Bob S. August 18, 2013 09:04AM

Re: How to turn off gzip compression for SSL traffic

Igor Sysoev August 19, 2013 12:44AM

Re: How to turn off gzip compression for SSL traffic

itpp2012 August 18, 2013 01:09PM

Re: How to turn off gzip compression for SSL traffic

Jonathan Matthews August 18, 2013 01:16PM

Re: How to turn off gzip compression for SSL traffic

Adie Nurahmadie August 18, 2013 01:48PM

Re: How to turn off gzip compression for SSL traffic

B.R. August 18, 2013 02:58PM

Re: How to turn off gzip compression for SSL traffic

openletter August 18, 2013 03:34PM

Re: How to turn off gzip compression for SSL traffic

openletter August 18, 2013 03:38PM

Re: How to turn off gzip compression for SSL traffic

itpp2012 August 18, 2013 04:48PM

Re: How to turn off gzip compression for SSL traffic

B.R. August 18, 2013 05:14PM

Re: How to turn off gzip compression for SSL traffic

Igor Sysoev August 19, 2013 12:44AM

Re: How to turn off gzip compression for SSL traffic

B.R. August 19, 2013 01:58AM

Re: How to turn off gzip compression for SSL traffic

Igor Sysoev August 19, 2013 02:06AM

Re: How to turn off gzip compression for SSL traffic

B.R. August 19, 2013 11:48AM

Re: How to turn off gzip compression for SSL traffic

rmalayter August 20, 2013 05:12PM

Re: How to turn off gzip compression for SSL traffic

B.R. August 20, 2013 06:26PM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 167
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 500 on July 15, 2024
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready