Skip to content

Instantly share code, notes, and snippets.

Avatar

Dan Palmer danpalmer

View GitHub Profile
View keybase.md

Keybase proof

I hereby claim:

  • I am danpalmer on github.
  • I am danpalmer (https://keybase.io/danpalmer) on keybase.
  • I have a public key whose fingerprint is A22E 9ACE 88B8 3849 E985 22FE 1CBB 0EBE 58F4 24A7

To claim this, I am signing this object:

View dhparam.diff
diff --git a/nginx_ssl.conf b/nginx_ssl.conf
index 683549c..03b9696 100644
--- a/nginx_ssl.conf
+++ b/nginx_ssl.conf
@@ -33,6 +33,7 @@ server {
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:2m;
+ ssl_dhparam /etc/ssl/certs/dhparam.pem;
View ocsp_stapling.diff
diff --git a/nginx_ssl.conf b/nginx_ssl.conf
index 487cc14..7701f2e 100644
--- a/nginx_ssl.conf
+++ b/nginx_ssl.conf
@@ -23,7 +23,7 @@ server {
+ ssl_stapling on;
+ ssl_stapling_verify on;
+ ssl_trusted_certificate /etc/ssl/certs/ca-certs.pem;
+ resolver 8.8.8.8 8.8.4.4 [2001:4860:4860::8888] [2001:4860:4860::8844];
View hsts.diff
diff --git a/nginx_ssl.conf b/nginx_ssl.conf
index 487cc14..7701f2e 100644
--- a/nginx_ssl.conf
+++ b/nginx_ssl.conf
@@ -23,7 +23,7 @@ server {
+ add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
View disable_tls11.diff
diff --git a/nginx_ssl.conf b/nginx_ssl.conf
index 487cc14..7701f2e 100644
--- a/nginx_ssl.conf
+++ b/nginx_ssl.conf
@@ -23,7 +23,7 @@ server {
- ssl_protocols TLSv1.1 TLSv1.2;
+ ssl_protocols TLSv1.2;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS;
ssl_prefer_server_ciphers on;
View danpalmer.me.crt
-----BEGIN CERTIFICATE-----
MIIF9DCCBNygAwIBAgIRAIC3i21tSsS9tuhDfry1vSwwDQYJKoZIhvcNAQELBQAw
... truncated danpalmer.me certificate
CXzhUG9MBZRsbq2vqQhgnCwlAiF+K/SOj7BF0t7tvE7IUvGYV0I+aQ==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIF6TCCA9GgAwIBAgIQBeTcO5Q4qzuFl8umoZhQ4zANBgkqhkiG9w0BAQwF
... truncated Gandi certificate
xzFfBT02Vf6Dsuimrdfp5gJ0iHRc2jTbkNJtUQoj1iM=
-----END CERTIFICATE-----
View ssl_caching.diff
diff --git a/nginx_ssl.conf b/nginx_ssl.conf
index a2f5c6e..94ecbdb 100644
--- a/nginx_ssl.conf
+++ b/nginx_ssl.conf
@@ -24,6 +24,7 @@ server {
+ ssl_session_cache shared:SSL:2m;
View tls1.2.diff
diff --git a/nginx_ssl.conf b/nginx_ssl.conf
index 487cc14..7701f2e 100644
--- a/nginx_ssl.conf
+++ b/nginx_ssl.conf
@@ -23,7 +23,7 @@ server {
- ssl_protocols SSLv2 TLSv1;
+ ssl_protocols TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
View poodle.diff
diff --git a/nginx_ssl.conf b/nginx_ssl.conf
index a97dd8c..487cc14 100644
--- a/nginx_ssl.conf
+++ b/nginx_ssl.conf
@@ -23,7 +23,7 @@ server {
- ssl_protocols SSLv3 TLSv1;
+ ssl_protocols TLSv1;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
View gist:269cdd2d5bc75e0baf77
def fib(n):
a, b = 0, 1
for i in range(n):
a, b = b, a + b
return b