diff options
| author | Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> | 2014-04-07 15:48:45 +0000 |
|---|---|---|
| committer | Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> | 2014-04-07 15:48:45 +0000 |
| commit | fefa10c3c208cb0cce6e25e498221d1d97d26238 (patch) | |
| tree | 2953024494467fd925add72bd7e07ea30370b622 | |
| parent | 8df66046d90cc4f4c53d8cf67ca2af5fcf87fd49 (diff) | |
| parent | 5307dd5f74236fc48b64080d3191cba1ebe4315e (diff) | |
| download | gitlab-ce-fefa10c3c208cb0cce6e25e498221d1d97d26238.tar.gz | |
Merge branch 'breack-attack' into 'master'
Breack attack
Fixes #1104
| -rw-r--r-- | lib/support/nginx/gitlab | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/lib/support/nginx/gitlab b/lib/support/nginx/gitlab index 5bff362da0e..f64c8d5883c 100644 --- a/lib/support/nginx/gitlab +++ b/lib/support/nginx/gitlab @@ -42,6 +42,10 @@ server { # if a file, which is not found in the root folder is requested, # then the proxy pass the request to the upsteam (gitlab unicorn) location @gitlab { + # If you use https make sure you disable gzip compression + # to be safe against BREACH attack + # gzip off; + proxy_read_timeout 300; # Some requests take more than 30 seconds. proxy_connect_timeout 300; # Some requests take more than 30 seconds. proxy_redirect off; @@ -63,5 +67,4 @@ server { } error_page 502 /502.html; -} - +}
\ No newline at end of file |