11 lines
309 B
Plaintext
11 lines
309 B
Plaintext
ssl_session_timeout 1d;
|
|
ssl_session_cache shared:MozSSL:10m; # about 40000 sessions
|
|
ssl_session_tickets off;
|
|
|
|
# modern configuration
|
|
ssl_protocols TLSv1.3;
|
|
ssl_prefer_server_ciphers off;
|
|
|
|
# HSTS (ngx_http_headers_module is required) (6 months)
|
|
add_header Strict-Transport-Security "max-age=15768000" always;
|