Guest User

Untitled

a guest
Jan 5th, 2016
63
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. server {
  2.     listen [::]:443 ssl http2;
  3.     listen 443 ssl;
  4.  
  5.     #ANPASSEN
  6.     server_name bruteforce.alenan.org *.bruteforce.alenan.org;
  7.  
  8.     root /var/www/html;
  9.     index index.html;
  10.  
  11.     autoindex off;
  12.    
  13.     #/anpassen
  14.  
  15.     #Add headers
  16.     add_header Strict-Transport-Security 'max-age=31526000; includeSubDomains; preload';
  17.  
  18.     #Define all TLS/SSL
  19.     ssl on;
  20.  
  21.     ssl_certificate /etc/[..]/chain.pem;
  22.     ssl_certificate_key /etc/[...]/privkey.pem;
  23.     #ssl_dhparam /etc/nginx/ssl/dhparam4096.pem;
  24.    
  25.     ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  26.     ssl_ciphers AES256+EECDH:AES256+EDH:!aNULL;
  27.     ssl_prefer_server_ciphers on;
  28.     ssl_buffer_size 1400;    
  29.     ssl_session_cache shared:SSL:10m;
  30.     ssl_session_cache shared:ssl_session_cache:10m;
  31.     ssl_session_timeout 24h;
  32.  
  33.     #Stabling
  34.     ssl_stapling on;
  35.     ssl_stapling_verify on;
  36.     resolver 8.8.4.4 8.8.8.8 valid=300s;
  37.     resolver_timeout 10s;
  38. }
RAW Paste Data