### You should look at the following URL's in order to grasp a solid understan

1. ##
2. # You should look at the following URL's in order to grasp a solid understanding
3. # of Nginx configuration files in order to fully unleash the power of Nginx.
4. # http://wiki.nginx.org/Pitfalls
5. # http://wiki.nginx.org/QuickStart
6. # http://wiki.nginx.org/Configuration
7. #
8. # Generally, you will want to move this file somewhere, and start with a clean
9. # file but keep this around for reference. Or just disable in sites-enabled.
10. #
11. # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
12. ##
13.  
14. # Default server configuration
15. #
16. server {
17. #listen 80 default_server;
18. #listen [::]:80 default_server;
19.  
20. # SSL configuration
21. #
22. # listen 443 ssl default_server;
23. # listen [::]:443 ssl default_server;
24. #
25. # Note: You should disable gzip for SSL traffic.
26. # See: https://bugs.debian.org/773332
27. #
28. # Read up on ssl_ciphers to ensure a secure configuration.
29. # See: https://bugs.debian.org/765782
30. #
31. # Self signed certs generated by the ssl-cert package
32. # Don't use them in a production server!
33. #
34. # include snippets/snakeoil.conf;
35.  
36. root /var/www/html;
37. location ~ /.well-known {
38. allow all;
39. }
40.  
41. # Add index.php to the list if you are using PHP
42. index index.html index.htm index.nginx-debian.html;
43.  
44. listen 443 ssl;
45.  
46. server_name blinkvids.tk www.blinkvids.tk
47. ssl_certificate /etc/letsencrypt/live/blinkvids.tk/fullchain.pem;
48. ssl_certificate_key /etc/letsencrypt/live/blinkvids.tk/privkey.pem;
49. ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
50. ssl_prefer_server_ciphers on;
51. ssl_dhparam /etc/ssl/certs/dhparam.pem;
52. ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
53. ssl_session_timeout 1d;
54. ssl_session_cache shared:SSL:50m;
55. ssl_stapling on;
56. ssl_stapling_verify on;
57. add_header Strict-Transport-Security max-age=15768000;
58.  
59.  
60. location / {
61. # First attempt to serve request as file, then
62. # as directory, then fall back to displaying a 404.
63. try_files $uri $uri/ =404;
64. }
65.  
66. # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
67. #
68. #location ~ \.php$ {
69. # include snippets/fastcgi-php.conf;
70. #
71. # # With php7.0-cgi alone:
72. # fastcgi_pass 127.0.0.1:9000;
73. # # With php7.0-fpm:
74. # fastcgi_pass unix:/run/php/php7.0-fpm.sock;
75. #}
76.  
77. # deny access to .htaccess files, if Apache's document root
78. # concurs with nginx's one
79. #
80. #location ~ /\.ht {
81. # deny all;
82. #}
83. }
84.  
85. server {
86. listen 80;
87. server_name blinkvids.tk www.blinkvids.tk;
88. return 301 https://$host$request_uri;
89. }
90.  
91. # Virtual Host configuration for example.com
92. #
93. # You can move that to a different file under sites-available/ and symlink that
94. # to sites-enabled/ to enable it.
95. #
96. #server {
97. # listen 80;
98. # listen [::]:80;
99. #
100. # server_name example.com;
101. #
102. # root /var/www/example.com;
103. # index index.html;
104. #
105. # location / {
106. # try_files $uri $uri/ =404;
107. # }
108. #}