Commit fefa10c3c208cb0cce6e25e498221d1d97d26238
Exists in
spb-stable
and in
3 other branches
Merge branch 'breack-attack' into 'master'
Breack attack Fixes #1104
Showing
1 changed file
with
5 additions
and
2 deletions
Show diff stats
lib/support/nginx/gitlab
| @@ -42,6 +42,10 @@ server { | @@ -42,6 +42,10 @@ server { | ||
| 42 | # if a file, which is not found in the root folder is requested, | 42 | # if a file, which is not found in the root folder is requested, |
| 43 | # then the proxy pass the request to the upsteam (gitlab unicorn) | 43 | # then the proxy pass the request to the upsteam (gitlab unicorn) |
| 44 | location @gitlab { | 44 | location @gitlab { |
| 45 | + # If you use https make sure you disable gzip compression | ||
| 46 | + # to be safe against BREACH attack | ||
| 47 | + # gzip off; | ||
| 48 | + | ||
| 45 | proxy_read_timeout 300; # Some requests take more than 30 seconds. | 49 | proxy_read_timeout 300; # Some requests take more than 30 seconds. |
| 46 | proxy_connect_timeout 300; # Some requests take more than 30 seconds. | 50 | proxy_connect_timeout 300; # Some requests take more than 30 seconds. |
| 47 | proxy_redirect off; | 51 | proxy_redirect off; |
| @@ -63,5 +67,4 @@ server { | @@ -63,5 +67,4 @@ server { | ||
| 63 | } | 67 | } |
| 64 | 68 | ||
| 65 | error_page 502 /502.html; | 69 | error_page 502 /502.html; |
| 66 | -} | ||
| 67 | - | 70 | +} |
| 68 | \ No newline at end of file | 71 | \ No newline at end of file |