File ssl.conf of Package proceed-nginx (Revision 1ee3db23d7d09a98e41ed527e1f1e0ad)
Currently displaying revision 1ee3db23d7d09a98e41ed527e1f1e0ad, show latest
1
2
#server {
3
# listen 443;
4
# server_name _;
5
6
# ssl on;
7
# ssl_certificate cert.pem;
8
# ssl_certificate_key cert.key;
9
10
# Don't use outdated SSLv3 protocol. Protects against BEAST and POODLE attacks.
11
# ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
12
13
# Use secure ciphers - courtesy Cloudflare
14
# ssl_ciphers EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
15
# ssl_prefer_server_ciphers on;
16
17
# ssl_session_cache shared:SSL:20m;
18
# ssl_session_tickets on;
19
# ssl_session_timeout 30m;
20
21
# HSTS - Use HTTPS exclusively , uncomment one.
22
# add_header Strict-Transport-Security "max-age=15768000; includeSubdomains";
23
24
# create new one with: openssl dhparam -out dhparams.pem 2048
25
# ssl_dhparam /etc/nginx/ssl/dhparams_2048.pem;
26
27
# ssl_buffer_size 4k;
28
29
# if you want extra security at the cost of considerable pressure on processor ..
30
# ssl_ecdh_curve secp384r1;
31
32
# location / {
33
# root html;
34
# index index.html index.htm;
35
# }
36
#}
37
38