Skip to content

Commit

Permalink
Merge pull request #105 from CoreMedia/issue_104
Browse files Browse the repository at this point in the history 
fix issue 104
  • Loading branch information
@KAllan357
KAllan357 committed Jan 15, 2015
2 parents 17e99e4 + f031d4c commit 801787f
Show file tree
Hide file tree
Showing 2 changed files with 9 additions and 7 deletions.
10 changes: 9 additions & 1 deletion attributes/default.rb
View file
Expand Up @@ -63,7 +63,15 @@
default[:nexus][:app_server_proxy][:server][:options] = [
"client_max_body_size 200M",
"client_body_buffer_size 512k",
"keepalive_timeout 0"
"keepalive_timeout 0",
'ssl_session_cache shared:SSL:10m',
'ssl_session_timeout 24h',
'ssl_protocols TLSv1 TLSv1.1 TLSv1.2',
'ssl_ciphers AES256+EECDH:AES256+EDH:AES128+EECDH!aNULL',
'ssl_prefer_server_ciphers on',
'add_header Strict-Transport-Security max-age=63072000',
'add_header X-Frame-Options DENY',
'add_header X-Content-Type-Options nosniff'
]
default[:nexus][:app_server_proxy][:proxy][:options] = []

Expand Down
6 changes: 0 additions & 6 deletions templates/default/nexus_proxy.nginx.conf.erb
View file
Expand Up @@ -22,12 +22,6 @@ server {
<%= option %>;
<% end %>

ssl_session_timeout 5m;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers RC4:HIGH:!aNULL:!MD5:!kEDH;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;

location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
Expand Down

0 comments on commit 801787f

Please sign in to comment.