Skip to content

Instantly share code, notes, and snippets.

View aviafelix's full-sized avatar

Alexander Okrugin aviafelix

View GitHub Profile
@aviafelix
aviafelix / site.conf
Created May 2, 2016 21:27 — forked from paskal/site.conf
Nginx configuration for best security and modest performance. Full info on https://terrty.net/2014/ssl-tls-in-nginx/
# read more at https://terrty.net/2014/ssl-tls-in-nginx/
# latest version on https://gist.github.com/paskal/628882bee1948ef126dd/126e4d1daeb5244aacbbd847c5247c2e293f6adf
# security test score: https://www.ssllabs.com/ssltest/analyze.html?d=terrty.net
# your nginx version might not have all directives included, test this configuration before using in production against your nginx:
# $ nginx -c /etc/nginx/nginx.conf -t
server {
# public key, contains your public key and class 1 certificate, to create:
# (example for startssl)
# $ (cat example.com.pem & wget -O - https://www.startssl.com/certs/class1/sha2/pem/sub.class1.server.sha2.ca.pem) | tee -a /etc/nginx/ssl/domain.pem > /dev/null
0 = Success
1 = Operation not permitted
2 = No such file or directory
3 = No such process
4 = Interrupted system call
5 = Input/output error
6 = No such device or address
7 = Argument list too long
8 = Exec format error
9 = Bad file descriptor