diff options
author | Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> | 2014-04-03 13:03:16 +0300 |
---|---|---|
committer | Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> | 2014-04-03 13:03:16 +0300 |
commit | 563fec734912d81cd7caea6fa8ec2b397fb72a9b (patch) | |
tree | a3cec28180a4241be1fb4df17c27f2126196956d /lib/support/nginx | |
parent | 1eec1f4f20a13d8110757fb5027462346aa0a9fc (diff) | |
download | gitlab-ce-563fec734912d81cd7caea6fa8ec2b397fb72a9b.tar.gz |
Disable compression to prevent BREACH attack
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
Diffstat (limited to 'lib/support/nginx')
-rw-r--r-- | lib/support/nginx/gitlab | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/lib/support/nginx/gitlab b/lib/support/nginx/gitlab index 5bff362da0e..6b31dbd4304 100644 --- a/lib/support/nginx/gitlab +++ b/lib/support/nginx/gitlab @@ -42,6 +42,9 @@ server { # if a file, which is not found in the root folder is requested, # then the proxy pass the request to the upsteam (gitlab unicorn) location @gitlab { + # We need this to prevent BREACH attack + gzip off; + proxy_read_timeout 300; # Some requests take more than 30 seconds. proxy_connect_timeout 300; # Some requests take more than 30 seconds. proxy_redirect off; |