Created
October 4, 2023 19:10
-
-
Save cvan/9f515d15647886d3d8e9920b7c0fa6c5 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # generated 2023-10-04, Mozilla Guideline v5.7, Caddy 2.1.1, intermediate configuration | |
| # https://ssl-config.mozilla.org/#server=caddy&version=2.1.1&config=intermediate&guideline=5.7 | |
| # note that Caddy automatically configures safe TLS settings | |
| # replace example.com with your domain name | |
| example.com | |
| # Due to a lack of DHE support, you -must- use an ECDSA cert to support IE 11 on Windows 7 | |
| tls { | |
| protocols tls1.2 tls1.3 | |
| ciphers TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 | |
| } | |
| # HSTS (63072000 seconds) | |
| header / Strict-Transport-Security "max-age=63072000" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment