Want to subscribe to topics you're interested in?
Become a Member

Master Branch add /usr/local/nginx/conf/ss-include.conf template

Discussion in 'Centmin Mod Github Commits' started by eva2000, Jun 25, 2015.

Tags:
  1. eva2000

    eva2000 Administrator Staff Member

    30,178
    6,786
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,139
    Local Time:
    7:39 PM
    Nginx 1.13.x
    MariaDB 5.5
  2. RoldanLT

    RoldanLT Well-Known Member

    3,901
    949
    113
    May 25, 2014
    Phillipines
    Ratings:
    +1,298
    Local Time:
    5:39 PM
    1.11
    10.2
    I'm doing something like this long time ago :D
    Easier to mange vhost file :)
     
  3. eva2000

    eva2000 Administrator Staff Member

    30,178
    6,786
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,139
    Local Time:
    7:39 PM
    Nginx 1.13.x
    MariaDB 5.5
    yes less confusing for some folks to have them separate for http and https and have include file for commonly required set values across multiple https/SSL sites :)
     
  4. RoldanLT

    RoldanLT Well-Known Member

    3,901
    949
    113
    May 25, 2014
    Phillipines
    Ratings:
    +1,298
    Local Time:
    5:39 PM
    1.11
    10.2
    You may include:
    Code:
    keepalive_timeout 300;
    add_header Strict-Transport-Security "max-age=15552000; includeSubdomains;";
    add_header X-Content-Type-Options "nosniff";
    add_header Alternate-Protocol 443:npn-spdy/3;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
    ssl_prefer_server_ciphers on;
    ssl_session_cache shared:SSL:50m;
    ssl_session_timeout 24h;
    spdy_headers_comp 6;
    spdy_keepalive_timeout 300;
    ssl_buffer_size 1400;
    ssl_session_tickets on;
    resolver 8.8.4.4 8.8.8.8 valid=300s;
    resolver_timeout 10s;
    ssl_stapling on;
    ssl_stapling_verify on;
    
     
  5. eva2000

    eva2000 Administrator Staff Member

    30,178
    6,786
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,139
    Local Time:
    7:39 PM
    Nginx 1.13.x
    MariaDB 5.5
    some can't be included like HSTS if you want separate access to http and https for self-signed certificates etc but others can be added

    and some need to be added and auto generated with the nginx vhost creation routine so go into the vhost .conf file itself
     
    Last edited: Jun 26, 2015