Continuing the discussion from Discourse not using brotli or gzip compression?:
In the discussion above it’s mentioned to set some nginx proxy lines to disable compression. My forum uses content-encoding gzip
. Since this is considered a bad practice, I would like to disable it. gzip off;
is set in my /etc/nginx/nginx.conf
on my Debian 11 machine. None of my other websites that I host from this same server have compression enabled. So my guess is that this is set in the container.
So this leaves me with 2 questions.
- Is this meant to stay enabled and the security considerations are not valid?
- It’s up to the admin, you may disable it, the
proxy_hide_header Vary;
andproxy_set_header Accept-Encoding '';
are your friend?