Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/properssl/nginx-pfs

Sample configuration of nginx for PFS using ECDHE
https://github.com/properssl/nginx-pfs

Last synced: 11 days ago
JSON representation

Sample configuration of nginx for PFS using ECDHE

Host: GitHub
URL: https://github.com/properssl/nginx-pfs
Owner: properssl
Created: 2013-07-01T04:57:33.000Z (over 11 years ago)
Default Branch: master
Last Pushed: 2013-07-02T15:17:39.000Z (over 11 years ago)
Last Synced: 2024-08-02T14:12:41.620Z (4 months ago)
Language: Shell
Homepage:
Size: 102 KB
Stars: 14
Watchers: 3
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

README

        ### nginx SSL Configuration

This is a sample configuration of nginx with SSL for [PFS (Perfect Forward Secrecy)](PFS). 

This configuration includes:

* The server prefers using [ECDHE] for key exchange

* It redirects all HTTP traffic to HTTPS

* It sends back [HSTS] headers on all SSL requests

* It sends back an X-Frame-Options DENY header to prevent [Clickjacking]

 

For other examples of properly establishing SSL connections check out http://properssl.org/.

### Vagrant

To setup the test server run `vagrant up`.

The setup script will:

1. Install nginx

2. Generate a new private key

3. Create a self signed certificate

4. Configure nginx to use it

[PFS]: http://en.wikipedia.org/wiki/Perfect_forward_secrecy

[ECDHE]: http://en.wikipedia.org/wiki/ECDHE

[HSTS]: http://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security

[Clickjacking]: http://en.wikipedia.org/wiki/Clickjacking#X-Frame-Options