some fix

2018-04-07 16:44:29 +02:00
parent 540d964935
commit a587dc0847
3 changed files with 13 additions and 8 deletions
--- a/assets/simple-phpfpm-ssl.nginxconf
+++ b/assets/simple-phpfpm-ssl.nginxconf
@@ -32,14 +32,14 @@ server {
  client_max_body_size 100m;

  #SSL Certificates
+  ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  ssl_certificate "/etc/letsencrypt/live/DOMAIN.LTD/cert.pem";
  ssl_certificate_key "/etc/letsencrypt/live/DOMAIN.LTD/privkey.pem";
-  ssl_dhparam /etc/nginx/dhparam.pem;
-  ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
-  #ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
+  ssl_dhparam /etc/nginx/ssl/certs/DOMAIN.LTD/dhparam.pem;
  ssl_session_cache shared:SSL:1m;
  ssl_session_timeout 10m;
  ssl_ciphers HIGH:!aNULL:!MD5;
+  #ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
  ssl_prefer_server_ciphers  on;

  add_header Strict-Transport-Security "max-age=31536000;