vulcan25/example.conf

## example.conf
# move this file to sites-available/

server {
    listen 443 ssl;
    client_max_body_size 32M;

    # set the correct host(s) for your site
    server_name example.com;

    keepalive_timeout 5;

    ssl_certificate     /srv/ssl/chained.pem;
    ssl_certificate_key /srv/ssl/private.key;

    location / {
    alias /var/www/html/;
    }
}

server {
    listen 80 default_server;
    server_name _;
    return 301 https://$host$request_uri;
}

server {
    listen 443 ssl default_server;
   # ssl_certificate     /srv/self-ssl/cert.pem;
   # ssl_certificate_key /srv/self-ssl/key.pem;
    server_name _;
    return 444;
}

## nginx.conf
worker_processes 1;
user nobody nogroup;
error_log  /var/log/nginx/error.log info;
pid /var/run/nginx.pid;

events {
    worker_connections 1024; # increase if you have lots of clients
    accept_mutex off; # set to 'on' if nginx worker_processes > 1
}

http {
    server_tokens off;
    include mime.types;

    # fallback in case we can't determine a type
    default_type application/octet-stream;
    access_log /var/log/nginx/access.log combined;
    sendfile on;
    ssl_protocols  TLSv1.2;

    ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
    ssl_prefer_server_ciphers on;
    ssl_session_cache shared:SSL:10m;
    ssl_session_timeout 10m;

    add_header X-Frame-Options "SAMEORIGIN" always;
    add_header X-Xss-Protection "1; mode=block" always;
    add_header X-Content-Type-Options "nosniff" always;

    include /etc/nginx/sites-enabled/*.conf;
}
	# move this file to sites-available/

	server {
	listen 443 ssl;
	client_max_body_size 32M;

	# set the correct host(s) for your site
	server_name example.com;

	keepalive_timeout 5;

	ssl_certificate /srv/ssl/chained.pem;
	ssl_certificate_key /srv/ssl/private.key;

	location / {
	alias /var/www/html/;
	}
	}

	server {
	listen 80 default_server;
	server_name _;
	return 301 https://$host$request_uri;
	}

	server {
	listen 443 ssl default_server;
	# ssl_certificate /srv/self-ssl/cert.pem;
	# ssl_certificate_key /srv/self-ssl/key.pem;
	server_name _;
	return 444;
	}
	worker_processes 1;
	user nobody nogroup;
	error_log /var/log/nginx/error.log info;
	pid /var/run/nginx.pid;

	events {
	worker_connections 1024; # increase if you have lots of clients
	accept_mutex off; # set to 'on' if nginx worker_processes > 1
	}

	http {
	server_tokens off;
	include mime.types;

	# fallback in case we can't determine a type
	default_type application/octet-stream;
	access_log /var/log/nginx/access.log combined;
	sendfile on;
	ssl_protocols TLSv1.2;

	ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
	ssl_prefer_server_ciphers on;
	ssl_session_cache shared:SSL:10m;
	ssl_session_timeout 10m;

	add_header X-Frame-Options "SAMEORIGIN" always;
	add_header X-Xss-Protection "1; mode=block" always;
	add_header X-Content-Type-Options "nosniff" always;

	include /etc/nginx/sites-enabled/*.conf;
	}