some fix

assets/drupal-ssl.nginxconf

@@ -15,14 +15,14 @@ server {
   root /var/www/DOMAIN.LTD/public_html;
 
   #SSL Certificates
+  ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
   ssl_certificate "/etc/letsencrypt/live/DOMAIN.LTD/cert.pem";
   ssl_certificate_key "/etc/letsencrypt/live/DOMAIN.LTD/privkey.pem";
-  ssl_dhparam /etc/nginx/dhparam.pem;
-  ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
-  #ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
+  ssl_dhparam /etc/nginx/ssl/certs/DOMAIN.LTD/dhparam.pem;
   ssl_session_cache shared:SSL:1m;
   ssl_session_timeout 10m;
   ssl_ciphers HIGH:!aNULL:!MD5;
+  #ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
   ssl_prefer_server_ciphers  on;
 
   add_header Strict-Transport-Security "max-age=31536000;
@@ -134,4 +134,7 @@ server {
     expires max;
     log_not_found off;
   }
+
+  # website should not be displayed inside a <frame>, an <iframe> or an <object>
+  add_header X-Frame-Options DENY;
 }

assets/simple-phpfpm-ssl.nginxconf

@@ -32,14 +32,14 @@ server {
   client_max_body_size 100m;
 
   #SSL Certificates
+  ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
   ssl_certificate "/etc/letsencrypt/live/DOMAIN.LTD/cert.pem";
   ssl_certificate_key "/etc/letsencrypt/live/DOMAIN.LTD/privkey.pem";
-  ssl_dhparam /etc/nginx/dhparam.pem;
-  ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
-  #ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
+  ssl_dhparam /etc/nginx/ssl/certs/DOMAIN.LTD/dhparam.pem;
   ssl_session_cache shared:SSL:1m;
   ssl_session_timeout 10m;
   ssl_ciphers HIGH:!aNULL:!MD5;
+  #ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
   ssl_prefer_server_ciphers  on;
 
   add_header Strict-Transport-Security "max-age=31536000;