jfinn
/
jitsi_mod
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
Browse Source

Adds ssl stronger settings to default nginx config.

master
damencho 10 years ago
parent
83339382ab
commit
14fe5d09d1
1 changed files with 6 additions and 0 deletions
Unified View Show Diff Stats
  1. 6
    0
      doc/debian/jitsi-meet/jitsi-meet.example

+ 6
- 0
doc/debian/jitsi-meet/jitsi-meet.example View File

9 
     listen 443 ssl;
 9 
     listen 443 ssl;
10 
     server_name jitsi-meet.example.com;
 10 
     server_name jitsi-meet.example.com;
11
11
12 
+    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
13 
+    ssl_prefer_server_ciphers on;
14 
+    ssl_ciphers "EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA256:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EDH+aRSA+AESGCM:EDH+aRSA+SHA256:EDH+aRSA:EECDH:!aNULL:!eNULL:!MEDIUM:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4:!SEED";
15 
+
16 
+    add_header Strict-Transport-Security "max-age=31536000";
17 
+
12 
     ssl_certificate /var/lib/prosody/jitsi-meet.example.com.crt;
 18 
     ssl_certificate /var/lib/prosody/jitsi-meet.example.com.crt;
13 
     ssl_certificate_key /var/lib/prosody/jitsi-meet.example.com.key;
 19 
     ssl_certificate_key /var/lib/prosody/jitsi-meet.example.com.key;
14
20

Write Preview
Loading…
Cancel
Save