Join the community today
Register Now

Nginx https and gzip

Discussion in 'Nginx, PHP-FPM & MariaDB MySQL' started by tjk, Jun 20, 2016.

  1. tjk

    tjk Member

    76
    16
    8
    Jun 27, 2015
    Ratings:
    +27
    Local Time:
    10:01 AM
    I haven't had a chance to dig into this in detail yet, but in testing, gzip doesn't appear to be working with https vhost, with valid or self signed cert.

    With http vhost, it is on. gzip is enabled in the nginx.conf file, so not sure why https is getting disabled.

    This is with latest beta and testing against Check GZIP compression using default settings.

    Any idea @eva2000, I won't be able to dig into this until tomorrow afternoon again.

     
  2. eva2000

    eva2000 Administrator Staff Member

    54,389
    12,198
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,763
    Local Time:
    1:01 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    is test file less than 1400 bytes ?

    nginx.conf has a gzip_min_length set at 1400 bytes so anything under is not gzipped
    Code (Text):
    grep gzip_min /usr/local/nginx/conf/nginx.conf
            gzip_min_length   1400;


    try another gzip test that i use WhatsMyIP.org | HTTP Compression Test
     
  3. tjk

    tjk Member

    76
    16
    8
    Jun 27, 2015
    Ratings:
    +27
    Local Time:
    10:01 AM
    That test site gives me an even stranger error: Error - Unable To Load URL.

    But this one Gzip Test | HTTP Compression Test says gzip is enabled.
     
  4. eva2000

    eva2000 Administrator Staff Member

    54,389
    12,198
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,763
    Local Time:
    1:01 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    did you enable nginx brotli compression that runs over HTTPS ? could be testing tool can't read content-encoding = br
    Code (Text):
    NGINX_LIBBROTLI='y'

    you can check for brotli = br at Brotli Test | Brotli compression check

    curl check over https = content-encoding = br for clients that support Accept-Encoding: br otherwise fall back to Accept-Encoding: gzip
    Code (Text):
    curl -sI /dev/null -H"Accept-Encoding: gzip,br" https://centminmod.com | egrep 'Content-Encoding|^Content-Type|Content-Length'
    Content-Type: text/html; charset=utf-8
    Content-Encoding: br

    curl over gzip only returns gzip compressed files
    Code (Text):
    curl -sI /dev/null -H"Accept-Encoding: gzip" https://centminmod.com | egrep 'Content-Encoding|^Content-Type|Content-Length'
    Content-Type: text/html; charset=utf-8
    Content-Encoding: gzip
    

    If brotli compression enabled in nginx via NGINX_LIBBROTLI='y' then problem is with testing tools themselves whether they can understand content-encoding = br :)
     
    Last edited: Jun 20, 2016
  5. tjk

    tjk Member

    76
    16
    8
    Jun 27, 2015
    Ratings:
    +27
    Local Time:
    10:01 AM
    OK, so it gets even more odd...

    I'm running defaults on centmin mod install, in my centmin.sh NGINX_LIBBROTLI='n', but the Brotli test site says Brtotli is supported.

    nginx -V shows: --with-http_gzip_static_module --add-dynamic-module=../ngx_brotli

    So, it was compiled in with nginx, even though it is set to no in the config file?

    Also, I assume it is ok to run gzip and brotli together?

    Curl output:
    Code:
    Content-Type: text/html;charset=UTF-8
    Content-Length: 8967
    Content-Encoding: gzip
    [/codeb]
     
  6. eva2000

    eva2000 Administrator Staff Member

    54,389
    12,198
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,763
    Local Time:
    1:01 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    Yes it is as Web browser support it properly

    As to brotli did you set it in custom_config.inc? Or use 123.09beta01 installer-latest.sh? Both will enable brotli

    The installer-latest.sh does it via the persistent custom_config.inc file
     
  7. tjk

    tjk Member

    76
    16
    8
    Jun 27, 2015
    Ratings:
    +27
    Local Time:
    10:01 AM
    I didn't change any of the defaults, it is enabled in the custom_config.inc, and disabled in the centmin.sh file under the #General Configuration, and enabled under the #Nginx Dynamic Modules section.

    I have not modified any of these files, but now looking through them, I assume custom_config.inc is the one file we should be changing for modules and such, and will not get overwritten on upgrades, and the others will?
     
  8. eva2000

    eva2000 Administrator Staff Member

    54,389
    12,198
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,763
    Local Time:
    1:01 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    Yup

    Only installer-latest.sh initial install will enable brotli via custom_config.inc out of the box
     
  9. tjk

    tjk Member

    76
    16
    8
    Jun 27, 2015
    Ratings:
    +27
    Local Time:
    10:01 AM
    Thanks Eva, as always, appreciate the time you take helping folks out too!
     
  10. eva2000

    eva2000 Administrator Staff Member

    54,389
    12,198
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,763
    Local Time:
    1:01 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    you're welcome

    fyi, you can check what the installer-latest.sh pre-populates in persistent config file /etc/centminmod/custom_config.inc on github on lines 415-432 - installer-latest.sh corresponds to betainstaller-latest.sh on centminmod.com via install command
    Code (Text):
    curl -O https://centminmod.com/betainstaller-latest.sh && chmod 0700 betainstaller-latest.sh && bash betainstaller-latest.sh