Commit 563fec73 authored by Dmitriy Zaporozhets's avatar Dmitriy Zaporozhets

Disable compression to prevent BREACH attack

Signed-off-by: default avatarDmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
parent 1eec1f4f
...@@ -42,6 +42,9 @@ server { ...@@ -42,6 +42,9 @@ server {
# if a file, which is not found in the root folder is requested, # if a file, which is not found in the root folder is requested,
# then the proxy pass the request to the upsteam (gitlab unicorn) # then the proxy pass the request to the upsteam (gitlab unicorn)
location @gitlab { location @gitlab {
# We need this to prevent BREACH attack
gzip off;
proxy_read_timeout 300; # Some requests take more than 30 seconds. proxy_read_timeout 300; # Some requests take more than 30 seconds.
proxy_connect_timeout 300; # Some requests take more than 30 seconds. proxy_connect_timeout 300; # Some requests take more than 30 seconds.
proxy_redirect off; proxy_redirect off;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment