Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
nginx config spdy connection interrupted issue
ssl_certificate /etc/ssl/private/mydomain.com.crt;
ssl_certificate_key /etc/ssl/private/mydomain.com.key;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
# forward secrecy config, from https://community.qualys.com/blogs/securitylabs/2013/08/05/configuring-apache-nginx-and-openssl-for-forward-secrecy
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-RC4-SHA:ECDHE-RSA-RC4-SHA:ECDH-ECDSA-RC4-SHA:ECDH-RSA-RC4-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:RC4-SHA;
# redirect all http traffic to https
server {
charset utf-8;
listen 80;
server_name mydomain.com www.mydomain.com;
return 301 https://mydomain.com$request_uri;
}
server {
charset utf-8;
server_name mydomain.com;
listen 443 ssl spdy;
root /var/www/mydomain.com;
index index.html;
access_log /var/log/nginx/mydomain.com_access.log;
error_log /var/log/nginx/mydomain.com_error.log;
client_max_body_size 10m;
location / {
try_files $uri $uri/ /index.html;
}
location /packages {
auth_basic "Restricted";
auth_basic_user_file /etc/nginx/htpasswd-group;
alias /backup/packages;
try_files $uri $uri/ /packages/;
fancyindex on;
fancyindex_exact_size off;
fancyindex_localtime on;
fancyindex_header "/fancyindex/header.html";
fancyindex_footer "/fancyindex/footer.html";
}
location /fancyindex {
auth_basic "Restricted";
auth_basic_user_file /etc/nginx/htpasswd-group;
alias /var/www/fancyindex;
try_files $uri $uri/;
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.