File tree Expand file tree Collapse file tree 1 file changed +8
-7
lines changed
Expand file tree Collapse file tree 1 file changed +8
-7
lines changed Original file line number Diff line number Diff line change 11#user nobody;
22worker_processes 1;
33
4- # error_log logs /error.log;
4+ error_log /var/log/nginx /error.log;
55#error_log logs/error.log notice;
66#error_log logs/error.log info;
77
@@ -17,11 +17,11 @@ http {
1717 include mime.types ;
1818 default_type application/octet-stream ;
1919
20- # log_format main '$remote_addr - $remote_user [$time_local] "$request" '
21- # '$status $body_bytes_sent "$http_referer" '
22- # '"$http_user_agent" "$http_x_forwarded_for"';
20+ log_format main '$remote_addr - $remote_user [$time_local] "$request" '
21+ '$status $body_bytes_sent "$http_referer" '
22+ '"$http_user_agent" "$http_x_forwarded_for"' ;
2323
24- # access_log logs /access.log main;
24+ access_log /var/log/nginx /access.log main;
2525
2626 sendfile on;
2727 #tcp_nopush on;
3434 proxy_cache_key "$scheme$request_method$host$request_uri" ;
3535
3636 server {
37- listen [::]:4343 ssl ;
37+ listen 4343 ssl http2;
38+ listen [::]:4343 ssl http2;
3839 server_name tls13.byeskille.no www.tls13.byeskille.no;
3940
4041 ssl_certificate /etc/nginx/keys/chained.pem;
5455
5556 # modern configuration. tweak to your needs.
5657 ssl_protocols TLSv1.2 TLSv1.3;
57- ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA- CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128 -GCM-SHA256:ECDHE-RSA-AES128 -GCM-SHA256:ECDHE-ECDSA-AES256- SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256 ' ;
58+ ssl_ciphers 'TLS13- CHACHA20-POLY1305-SHA256:TLS13-AES-128 -GCM-SHA256:TLS13-AES-256 -GCM-SHA384:ECDHE:!COMPLEMENTOFDEFAULT ' ;
5859 ssl_prefer_server_ciphers on;
5960
6061 # OCSP Stapling ---
You can’t perform that action at this time.
0 commit comments