Skip to content

Instantly share code, notes, and snippets.

Dan Palmer danpalmer

Block or report user

Report or block danpalmer

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
View keybase.md

Keybase proof

I hereby claim:

  • I am danpalmer on github.
  • I am danpalmer (https://keybase.io/danpalmer) on keybase.
  • I have a public key whose fingerprint is A22E 9ACE 88B8 3849 E985 22FE 1CBB 0EBE 58F4 24A7

To claim this, I am signing this object:

View dhparam.diff
diff --git a/nginx_ssl.conf b/nginx_ssl.conf
index 683549c..03b9696 100644
--- a/nginx_ssl.conf
+++ b/nginx_ssl.conf
@@ -33,6 +33,7 @@ server {
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:2m;
+ ssl_dhparam /etc/ssl/certs/dhparam.pem;
View ocsp_stapling.diff
diff --git a/nginx_ssl.conf b/nginx_ssl.conf
index 487cc14..7701f2e 100644
--- a/nginx_ssl.conf
+++ b/nginx_ssl.conf
@@ -23,7 +23,7 @@ server {
+ ssl_stapling on;
+ ssl_stapling_verify on;
+ ssl_trusted_certificate /etc/ssl/certs/ca-certs.pem;
+ resolver 8.8.8.8 8.8.4.4 [2001:4860:4860::8888] [2001:4860:4860::8844];
View hsts.diff
diff --git a/nginx_ssl.conf b/nginx_ssl.conf
index 487cc14..7701f2e 100644
--- a/nginx_ssl.conf
+++ b/nginx_ssl.conf
@@ -23,7 +23,7 @@ server {
+ add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
View disable_tls11.diff
diff --git a/nginx_ssl.conf b/nginx_ssl.conf
index 487cc14..7701f2e 100644
--- a/nginx_ssl.conf
+++ b/nginx_ssl.conf
@@ -23,7 +23,7 @@ server {
- ssl_protocols TLSv1.1 TLSv1.2;
+ ssl_protocols TLSv1.2;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS;
ssl_prefer_server_ciphers on;
View danpalmer.me.crt
-----BEGIN CERTIFICATE-----
MIIF9DCCBNygAwIBAgIRAIC3i21tSsS9tuhDfry1vSwwDQYJKoZIhvcNAQELBQAw
... truncated danpalmer.me certificate
CXzhUG9MBZRsbq2vqQhgnCwlAiF+K/SOj7BF0t7tvE7IUvGYV0I+aQ==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIF6TCCA9GgAwIBAgIQBeTcO5Q4qzuFl8umoZhQ4zANBgkqhkiG9w0BAQwF
... truncated Gandi certificate
xzFfBT02Vf6Dsuimrdfp5gJ0iHRc2jTbkNJtUQoj1iM=
-----END CERTIFICATE-----
View ssl_caching.diff
diff --git a/nginx_ssl.conf b/nginx_ssl.conf
index a2f5c6e..94ecbdb 100644
--- a/nginx_ssl.conf
+++ b/nginx_ssl.conf
@@ -24,6 +24,7 @@ server {
+ ssl_session_cache shared:SSL:2m;
View tls1.2.diff
diff --git a/nginx_ssl.conf b/nginx_ssl.conf
index 487cc14..7701f2e 100644
--- a/nginx_ssl.conf
+++ b/nginx_ssl.conf
@@ -23,7 +23,7 @@ server {
- ssl_protocols SSLv2 TLSv1;
+ ssl_protocols TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
View poodle.diff
diff --git a/nginx_ssl.conf b/nginx_ssl.conf
index a97dd8c..487cc14 100644
--- a/nginx_ssl.conf
+++ b/nginx_ssl.conf
@@ -23,7 +23,7 @@ server {
- ssl_protocols SSLv3 TLSv1;
+ ssl_protocols TLSv1;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
View gist:269cdd2d5bc75e0baf77
def fib(n):
a, b = 0, 1
for i in range(n):
a, b = b, a + b
return b
You can’t perform that action at this time.