https://community.splunk.com/t5/Security/Is-it-possible-to-disable-http-compression-on-SplunkWeb/m-p/197732#M5779 <P>I see what you're saying, I guess I should have been more specific, our vulnerability scanner is picking up a finding on the Splunk Web Interface accessible via 443 that SSL/TLS compression is enabled - behind the scenes I know CherryPy is running - and from what I can tell you can't tell it to stop using SSL Compression.</P> Tue, 07 Jan 2014 19:46:02 GMT dask 2014-01-07T19:46:02Z https://community.splunk.com/t5/Security/Is-it-possible-to-disable-http-compression-on-SplunkWeb/m-p/197729#M5776 <P>For splunkd on the indexer you can set a value in the server.conf file as such:</P> <P>allowSslCompression = false</P> <P>Is there an ability to do this for splunkweb?</P> <P>There doesn't seem to be a setting to disable ssl Compression in web.conf</P> Tue, 07 Jan 2014 18:32:09 GMT https://community.splunk.com/t5/Security/Is-it-possible-to-disable-http-compression-on-SplunkWeb/m-p/197729#M5776 dask 2014-01-07T18:32:09Z https://community.splunk.com/t5/Security/Is-it-possible-to-disable-http-compression-on-SplunkWeb/m-p/197730#M5777 <P>Title should be SSL compression but the Captcha keeps failing for some reason</P> Tue, 07 Jan 2014 18:48:45 GMT https://community.splunk.com/t5/Security/Is-it-possible-to-disable-http-compression-on-SplunkWeb/m-p/197730#M5777 dask 2014-01-07T18:48:45Z https://community.splunk.com/t5/Security/Is-it-possible-to-disable-http-compression-on-SplunkWeb/m-p/197731#M5778 <P>server.conf is for a general splunk server. It should apply to both indexers and searchheads, imo. </P> <P>You can run btool on the search head to determine what the current setting is: <CODE>/opt/splunk/bin/splunk cmd btool --debug server list</CODE></P> <P>EDIT:</P> <P>You might like this: <CODE><A href="http://www.georgestarcher.com/?p=674" target="test_blank">http://www.georgestarcher.com/?p=674</A></CODE>. This might be relevant: <CODE><A href="http://answers.splunk.com/answers/65218/splunk-shows-vulnerable-to-cve-2012-4929-in-my-nessus-vulnerability-scan-what-is-going-on" target="test_blank">http://answers.splunk.com/answers/65218/splunk-shows-vulnerable-to-cve-2012-4929-in-my-nessus-vulnerability-scan-what-is-going-on</A></CODE></P> Tue, 07 Jan 2014 19:40:58 GMT https://community.splunk.com/t5/Security/Is-it-possible-to-disable-http-compression-on-SplunkWeb/m-p/197731#M5778 alacercogitatus 2014-01-07T19:40:58Z https://community.splunk.com/t5/Security/Is-it-possible-to-disable-http-compression-on-SplunkWeb/m-p/197732#M5779 <P>I see what you're saying, I guess I should have been more specific, our vulnerability scanner is picking up a finding on the Splunk Web Interface accessible via 443 that SSL/TLS compression is enabled - behind the scenes I know CherryPy is running - and from what I can tell you can't tell it to stop using SSL Compression.</P> Tue, 07 Jan 2014 19:46:02 GMT https://community.splunk.com/t5/Security/Is-it-possible-to-disable-http-compression-on-SplunkWeb/m-p/197732#M5779 dask 2014-01-07T19:46:02Z https://community.splunk.com/t5/Security/Is-it-possible-to-disable-http-compression-on-SplunkWeb/m-p/197733#M5780 <P>You might like this: <CODE><A href="http://www.georgestarcher.com/?p=674" target="test_blank">http://www.georgestarcher.com/?p=674</A></CODE>. This might be relevant: <CODE><A href="http://answers.splunk.com/answers/65218/splunk-shows-vulnerable-to-cve-2012-4929-in-my-nessus-vulnerability-scan-what-is-going-on" target="test_blank">http://answers.splunk.com/answers/65218/splunk-shows-vulnerable-to-cve-2012-4929-in-my-nessus-vulnerability-scan-what-is-going-on</A></CODE></P> Tue, 07 Jan 2014 19:50:06 GMT https://community.splunk.com/t5/Security/Is-it-possible-to-disable-http-compression-on-SplunkWeb/m-p/197733#M5780 alacercogitatus 2014-01-07T19:50:06Z