I run nginx 1.9.12 on Freebsd 10.2. (waiting on 1.9.13 to be in ports!) What follows is my nginx.conf as it exists currently. To disable brotli, I commented out the module line and two configuration lines. (likewise, when I enabled it, I did the reverse) I did not disable gzip when I enabled brotli. I compile nginx out of freebsd's ports collection as nginx-devel. ====================================================== #load_module modules/ngx_http_brotli_filter_module.so; worker_processes 3; events { worker_connections 6144; } http { include mime.types; default_type application/octet-stream; sendfile on; tcp_nopush on; tcp_nodelay off; client_max_body_size 20M; server_names_hash_bucket_size 256; access_log /dev/null combined buffer=32k; error_log /var/log/nginx/error.log crit; server_tokens off; ssl_session_cache shared:SSL:45m; ssl_session_timeout 45m; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-SHA; gzip on; gzip_comp_level 5; gzip_disable "MSIE [1-6]\."; gzip_types text/plain text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript; gzip_vary on; #brotli on; #brotli_types text/plain text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript; proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; index index.php index.txt index.html index.htm; include fastcgi_params; fastcgi_intercept_errors on; server { server_name _; root /usr/local/www/nginx-dist; return 403; } include sites/*; } ======================================================== What follows is my site configuration (the one which was de-indexed from google upon enabling brotli). I'm not sure if it is relevant, but I'm including it just in case. ======================================================== server { listen 443 ssl http2 default_server; listen [::]:443 ssl http2 ipv6only=on default_server; server_name explodie.org; client_body_timeout 15s; client_header_timeout 15s; ssl on; ssl_certificate /usr/local/etc/nginx/certs/explodie.crt; ssl_certificate_key /usr/local/etc/nginx/certs/explodie.key; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_buffer_size 8k; #ssl_ciphers ECDHE-RSA-CHACHA20-POLY1305-SHA256:ECDHE-RSA-CAMELLIA128-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-SHA; #ssl_ecdh_curve secp384r1; ssl_prefer_server_ciphers on; ssl_stapling on; ssl_stapling_verify on; ssl_trusted_certificate /usr/local/etc/nginx/certs/ssl-stapling.pem; resolver 208.67.222.222; keepalive_timeout 230; root /home/explodie/www; error_log /home/explodie/logs/explodie.org.error.log error; access_log off; add_header Cache-Control public; add_header Cache-Control stale-while-revalidate=7776000; add_header Strict-Transport-Security "max-age=315360000; includeSubDomains; preload"; add_header x-dns-prefetch-control on; add_header 'Timing-Allow-Origin' '*'; add_header X-Frame-Options DENY; add_header X-Content-Type-Options 'nosniff'; add_header X-XSS-Protection "1; mode=block"; add_header X-Permitted-Cross-Domain-Policies 'none'; add_header 'Access-Control-Allow-Origin' 'null'; add_header 'Access-Control-Max-Age' 315360000; add_header Content-Security-Policy "default-src https:; style-src https: 'unsafe-inline' 'unsafe-eval'; img-src data: https:; object-src 'self' https:; referrer no-referrer; reflected-xss block; upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'none'; form-action 'none';"; add_header 'X-Meta' 'This HTTP response is now DIAMONDS'; add_header 'X-NSA-DNT' 'DONOTTRACK'; expires 3M; etag off; autoindex off; charset UTF-8; error_page 404 /404.html; } ============================================================= Compile time modules enabled: IPV6, HTTP, HTTP_CACHE, HTTP_REWRITE, HTTP_SSL, HTTPV2, BROTLI probably not relevant, but I use the openssl from ports, not freebsd base. (currently openssl-1.0.2_11)