Advertisement
ustoopia

options-ssl-nginx.conf

Jul 16th, 2020
224
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. ssl_session_cache shared:le_nginx_SSL:1m;
  2. ssl_session_timeout 1d;
  3. ssl_session_tickets off;
  4.  
  5. ssl_protocols TLSv1.2;
  6. ssl_prefer_server_ciphers on;
  7. ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
  8. ssl_ecdh_curve secp384r1;
  9.  
  10. ssl_stapling on;
  11. ssl_stapling_verify on;
  12.  
  13. add_header Strict-Transport-Security "max-age=15768000; includeSubdomains; preload;";
  14. add_header Referrer-Policy "no-referrer, strict-origin-when-cross-origin";
  15. add_header X-Frame-Options SAMEORIGIN;
  16. add_header X-Content-Type-Options nosniff;
  17. add_header X-XSS-Protection "1; mode=block";
Advertisement
RAW Paste Data Copied
Advertisement