Re: Header Vary: Accept-Encoding - security risk ?

2014-05-29 Thread W-Mark Kubacki
2014-05-28 23:20 GMT+02:00 chili_confits:
> I have enabled gzip with
> ...
> gzip on;
> gzip_http_version 1.0;
> gzip_vary on;
> ...
> to satisfy incoming HTTP 1.0 requests.
>
> In a very similar setup which got OWASP-evaluated, I read this - marked as
> a defect:
> "The web server sent

Re: Dynamic ssl certificate ? (wildcard+ multiple different certs)

2014-01-09 Thread W-Mark Kubacki
Certificates are selected and presented by the server before the client even has the chance to send any cookies, the latter happening after the »TLS handshake«.

2014/1/9 Larry:
> Hello,
>
> Here is my current conf
>
> server {
> listen 443;
>
> server_name ~^(.*)

Re: "A" Grade SSL/TLS with Nginx and StartSSL

2013-10-20 Thread W-Mark Kubacki
2013-10-15 Piotr Sikora has cited Julien Vehent : > > ssl_ciphers > 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDH

Re: Cross-compiling Nginx for ARM?

2013-04-17 Thread W-Mark Kubacki
2013/4/16 Shohreh:
> djczaski Wrote:
>
> Thanks for the input. By any chance, did you write a tutorial that I could
> use to try and compile it for that other ARM processor?

Here you go: [1] http://mark.ossdl.de/en/2009/09/nginx-on-sheevaplug.html

You don't need to patch Nginx anymore and can ski