Commit 9ba46704 authored by Aral Balkan's avatar Aral Balkan
Browse files

nginx configuration update

parent 257a5733
......@@ -2,8 +2,6 @@
# Better.fyi Web Site. (HTTPS server.)
#
server {
# Via Mozilla SSL Configuration Generator
# (https://mozilla.github.io/server-side-tls/ssl-config-generator/)
listen 443 ssl http2;
listen [::]:443 ssl http2;
......@@ -40,12 +38,14 @@ server {
# (Speed up SSL and improve privacy by not requiring calls to certificate authority)
ssl_stapling on;
ssl_stapling_verify on;
resolver $DNS-IP-1 $DNS-IP-2 valid=300s;
resolver_timeout 5s;
ssl_trusted_certificate /etc/letsencrypt/certs/better.fyi/chain.pem;
# --- End of SSL-specific setup ---
# X-Xss-Protection
# See: https://scotthelme.co.uk/hardening-your-http-response-headers/#x-xss-protection
add_header X-Xss-Protection "1; mode=block" always;
# Serve the site from the git repository.
root /home/git/site/;
index index.html index.htm;
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment