Tag: nginx

Total 10 Posts

CSP Nonce support in Nginx

Content Security Policy is an incredibly powerful security feature but in some circumstances it can be a little difficult to deploy. Removing inline scripts or styles often comes up as one of the hurdles. Here's how I introduced CSP nonce support in Nginx to counter the problem. Content Security Policy…

Continue Reading

Doing the ChaCha with Nginx

ChaCha20-Poly1305 is the combination of a new cipher, ChaCha20, and a new MAC, Poly1305, to give us a new AEAD cipher suite. AEADs will be the only option that will be available going forwards in TLSv1.3 so alongside AES-GCM, ChaCha20-Poly1305 will be our only other choice. There are also…

Continue Reading

Brotli Compression

Following a few performance related blogs recently this one is following a similar trend and is going to look at Brotli compression. It was announced by Google in September 2015 and it claims to offer 20%-26% better compression than existing compression algorithms. That's a pretty noteworthy improvement to compression…

Continue Reading

Caching Ghost with Nginx

The performance of my site has always been a consideration, the faster your site, the better the browsing experience. I've made various changes in the past to try and boost performance but this is perhaps the best one so far. Setting up caching with Nginx. Performance We should all want…

Continue Reading