Update nginx-example.conf

Author: CodeConfidant

etc/nginx/sites-enabled/nginx-example.conf

@@ -1,29 +1,34 @@
 server {
-	listen 443 ssl http2;
-	listen [::]:443 ssl http2;
-
-    	server_name _;
-
-    	root /var/www/Nginx-Example;
-
-    	index index.html;
-
-    	location / {
+	
+	# Standard Directives
+	listen 						443 ssl http2;
+	listen 						[::]:443 ssl http2;
+    server_name 				_;
+    root 						/var/www/Nginx-Example;
+    index 						index.html;
+    keepalive_timeout			70;
+    	
+    # TLS Directives
+    add_header 					Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
+	ssl_protocols 				TLSv1.2 TLSv1.3;
+	ssl_certificate 			/etc/nginx/ssl/_.crt;
+	ssl_certificate_key 		/etc/nginx/ssl/_.key;
+	ssl_prefer_server_ciphers 	on;
+	ssl_ciphers 				HIGH:!aNULL:!MD5;	
+	ssl_dhparam 				/etc/nginx/ssl/dhparam.pem;
+	ssl_session_cache 			shared:SSL:10m;
+	ssl_session_timeout 		1h;
+	
+	# 404 error if server cant't find files in root
+	location / {
 		try_files $uri $uri/ =404;
 	}
-
-	ssl_certificate /etc/nginx/ssl/_.crt;
-	ssl_certificate_key /etc/nginx/ssl/_.key;
-	ssl_prefer_server_ciphers on;
-	ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;	
-	ssl_dhparam /etc/nginx/ssl/dhparam.pem;
-	ssl_session_cache shared:SSL:5m;
-	ssl_session_timeout 1h;
 }
 
+# Redirect from Port 80
 server {
-       listen         80;
-       listen    [::]:80;
-       server_name    _;
-       return         301 https://$server_name$request_uri;
+    listen         80;
+    listen    [::]:80;
+    server_name    _;
+    return         301 https://$server_name$request_uri;
 }