Opened 3 years ago

#1164 new enhancement

Option to turn off TLS protocols errors in the logs

Reported by: jerrygrey@… Owned by:
Priority: minor Milestone: 1.11
Component: other Version: 1.11.x
Keywords: ssl tls Cc:
uname -a: Linux homer 3.10.0-327.36.3.el7.x86_64 #1 SMP Mon Oct 24 16:09:20 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux
nginx -V: nginx version: nginx/1.11.6 built by gcc 4.8.5 20150623 (Red Hat 4.8.5-4) (GCC) built with OpenSSL 1.1.0c 10 Nov 2016 TLS SNI support enabled configure arguments: --prefix=/software/nginx-1.11.6 --add-module=/src/ngx_brotli --with-threads --with-http_ssl_module --with-http_v2_module --with-openssl=/src/openssl-1.1.0c --without-http_memcached_module --without-http_browser_module --without-http_empty_gif_module --without-http_limit_conn_module --without-http_ssi_module --without-http_userid_module --without-http_geo_module --without-http_uwsgi_module --without-http_scgi_module --with-cc-opt=-Wno-deprecated-declarations

Description

I recently changed my nginx configuration to only accept TLSv1.2 as per the latest security recommendations. But it seems spammers has only access to TLSv1.0 as a result my error logs is floored with TLS protocol errors. Just like log_not_found, there needs to be an option to turn off logging of these types of errors, so I don't need to empty the logs each day. Thank you.

Change History (0)

Note: See TracTickets for help on using tickets.