Skip to content

Instantly share code, notes, and snippets.

@sharoonthomas

sharoonthomas/gist:10221454

Created April 9, 2014 02:44
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save sharoonthomas/10221454 to your computer and use it in GitHub Desktop.
Save sharoonthomas/10221454 to your computer and use it in GitHub Desktop.
Download ZIP
nginx configuration for SSL with better security
Raw
gistfile1.nginxconf
{
ssl on;
server_tokens off;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-RC4-SHA:ECDHE-RSA-RC4-SHA:ECDH-ECDSA-RC4-SHA:ECDH-RSA-RC4-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA;
# HTTP Strict Transport Security
add_header Strict-Transport-Security max-age=31536000;
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment