Web server configuration for Nginx

server { listen 80; server_name example.com;

return 301 https://example.com$request_uri; }

server { listen 443 http2 ssl; listen [::]:443 http2 ssl;

server_name example.com;

# tell users to go to SSL version next time add_header Strict-Transport-Security "max-age=15768000; includeSubdomains;";

# tell users to go to SSL version next time add_header Strict-Transport-Security "max-age=15768000; includeSubdomains;";

ssl_protocols              TLSv1.2; ssl_ciphers                ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4; ssl_prefer_server_ciphers  on; #ssl_ecdh_curve            secp384r1; ssl_session_cache          shared:SSL:10m; ssl_stapling               off; ssl_dhparam                /etc/ssl/certs/dhparam.pem; ssl_trusted_certificate    certs.d/ca.cer; ssl_certificate_key        certs.d/example_com.key; ssl_certificate            certs.d/example_com.cer;

root /var/www/example.com; index index.html;

location / { try_files $uri $uri/ =404; }   }

'''