Logoj0ke.net Open Build Service > Projects > home:kries:proceed_dev > nginx_debug > ssl.conf
Sign Up | Log In

File ssl.conf of Package nginx_debug (Revision 67ed2b72bd7b5f4ffad8db71e88a2367)

Currently displaying revision 67ed2b72bd7b5f4ffad8db71e88a2367, show latest

 
1
2
#server {
3
#    listen       443;
4
#    server_name  _;
5
6
#    ssl                  on;
7
#    ssl_certificate      cert.pem;
8
#    ssl_certificate_key  cert.key;
9
10
#    Don't use outdated SSLv3 protocol. Protects against BEAST and POODLE attacks.
11
#    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
12
13
#    Use secure ciphers - courtesy Cloudflare
14
#    ssl_ciphers EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
15
#    ssl_prefer_server_ciphers on;
16
17
#    ssl_session_cache shared:SSL:20m;
18
#    ssl_session_tickets on;
19
#    ssl_session_timeout 30m;
20
21
#    HSTS - Use HTTPS exclusively , uncomment one.
22
#    add_header Strict-Transport-Security "max-age=15768000; includeSubdomains";
23
24
#    create new one with: openssl dhparam -out dhparams.pem 2048
25
#    ssl_dhparam /etc/nginx/ssl/dhparams_2048.pem;
26
27
#    ssl_buffer_size 4k;
28
29
#    if you want extra security at the cost of considerable pressure on processor ..
30
#    ssl_ecdh_curve secp384r1;
31
32
#    location / {
33
#       root   html;
34
#         index  index.html index.htm;
35
#     }
36
#}
37
38