mdPlusPlus / lempstack

LEMP Installer for Debian/Ubuntu - Linux, NGINX, MySQL, PHP
MIT License
7 stars 1 forks source link

Re-evaluate GZIP compression (BREACH) #6

Open mdPlusPlus opened 5 years ago

mdPlusPlus commented 5 years ago

Current code:

        gzip on;
        gzip_comp_level 2;
        gzip_disable "msie6";
        gzip_proxied any;
        gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript image/svg+xml application/x-font-ttf font/opentype application/vnd.ms-fontobject;
        gzip_vary on;

So far the easiest solution to avoid BREACH attacks seems to be setting gzip off;
Further investigation is needed.