Skip to content

Instantly share code, notes, and snippets.

@aaronpk

aaronpk/nginx.conf Secret

Created September 8, 2014 02:38
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save aaronpk/beb264839e19995713de to your computer and use it in GitHub Desktop.
Save aaronpk/beb264839e19995713de to your computer and use it in GitHub Desktop.
Download ZIP
Raw
nginx.conf
server {
listen 96.126.102.98:443 ssl;
server_name aaronparecki.com;
access_log /var/log/nginx/aaronparecki.access.log main;
error_log /var/log/nginx/aaronparecki.error.log;
ssl on;
ssl_certificate /web/conf/ssl/aaronparecki.com.chained.crt;
ssl_certificate_key /web/conf/ssl/server.key;
ssl_session_timeout 5m;
# latest attempt from indiewebcamp.com/nginx
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA+RC4:EECDH:EDH+aRSA:RC4:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS;
# previous attempt
#ssl_protocols SSLv3 TLSv1;
#ssl_ciphers ALL:!ADH:!EXPORT56:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+EXP;
#ssl_protocols SSLv3 TLSv1;
#ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS;
ssl_prefer_server_ciphers on;
# ... more uninteresting stuff here
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment