@xXPhenomXx
Forked from timcheadle/server.conf
Created June 14, 2018 18:16

Revisions

  1. @timcheadle timcheadle revised this gist Jul 18, 2014. 1 changed file with 0 additions and 1 deletion.
    1 change: 0 additions & 1 deletion server.conf
    @@ -1,4 +1,3 @@
    ## Return (no rewrite) server block.
    server {
    listen 80;
    server_name www.example.com example.com;
  2. @timcheadle timcheadle created this gist Jul 18, 2014.
    42 changes: 42 additions & 0 deletions server.conf
    @@ -0,0 +1,42 @@
    ## Return (no rewrite) server block.
    server {
    listen 80;
    server_name www.example.com example.com;

    # Redirect all traffic to SSL
    rewrite ^ https://$server_name$request_uri? permanent;
    }

    server {
    listen 443 ssl default_server;

    # enables SSLv3/TLSv1, but not SSLv2 which is weak and should no longer be used.
    ssl_protocols SSLv3 TLSv1;

    # disables all weak ciphers
    ssl_ciphers ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM;

    server_name www.example.com example.com;

    ## Access and error logs.
    access_log /var/log/nginx/access.log;
    error_log /var/log/nginx/error.log info;

    ## Keep alive timeout set to a greater value for SSL/TLS.
    keepalive_timeout 75 75;

    ## See the keepalive_timeout directive in nginx.conf.
    ## Server certificate and key.
    ssl on;
    ssl_certificate /etc/ssl/certs/example.com-rapidssl.crt;
    ssl_certificate_key /etc/ssl/private/example.com-rapidssl.key;
    ssl_session_timeout 5m;

    ## Strict Transport Security header for enhanced security. See
    ## http://www.chromium.org/sts. I've set it to 2 hours; set it to
    ## whichever age you want.
    add_header Strict-Transport-Security "max-age=7200";

    root /var/www/example.com/;
    index index.php;
    }
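
Review bot: In the 443 server block, `ssl_protocols SSLv3 TLSv1;` and the `ssl_ciphers` line do not do what their comments say: SSLv3 is itself a broken protocol and TLSv1 is deprecated, and the cipher string starts from `ALL` and then explicitly adds `RC4+RSA` and `+MEDIUM`, so weak ciphers stay enabled. Suggest `ssl_protocols TLSv1.2 TLSv1.3;` (where the nginx/OpenSSL build supports TLSv1.3) and a cipher list limited to forward-secret AEAD suites, with the comments updated to match. Smaller points in the same hunk: the port 80 block is headed "Return (no rewrite)" but uses `rewrite ^ ... permanent;`, where `return 301 https://$server_name$request_uri;` would match the comment; `ssl on;` is redundant next to `listen 443 ssl` and is deprecated in later nginx releases; the "See the keepalive_timeout directive in nginx.conf" comment sits below the directive it refers to and directly above the certificate comment; and `add_header Strict-Transport-Security "max-age=7200";` is only sent on the response codes `add_header` covers by default, so consider the `always` parameter and a longer max-age once the HTTPS setup is stable.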