Skip to content

Instantly share code, notes, and snippets.

@xluffy

xluffy/nginx-ssl.conf

Created October 13, 2015 10:22
Show Gist options
  • Save xluffy/9e6770bcb0020aea48ae to your computer and use it in GitHub Desktop.
Save xluffy/9e6770bcb0020aea48ae to your computer and use it in GitHub Desktop.
Download ZIP
nginx-ssl.conf
Raw
nginx-ssl.conf
add_header Strict-Transport-Security max-age=31536000;
add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS;
ssl_buffer_size 8k;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:30m;
ssl_session_timeout 30m;
ssl_session_tickets off;
ssl_stapling_verify on;
resolver 8.8.8.8 valid=300s;
resolver_timeout 5s;
ssl_certificate /etc/nginx/ssl/dj.cert.pem;
ssl_certificate_key /etc/nginx/ssl/dj.key.pem;
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment