SSL

server { listen 443 ssl; server_name yourdomain.com; ssl on; ssl_certificate /path/to/cert.pem; ssl_certificate_key /path/to/privatekey.pem; ssl_stapling on; ssl_stapling_verify on; ssl_trusted_certificate /path/to/fullchain.pem; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_connection_timeout 1d; ssl_session_cache shared:SSL:50m; add_header Strict-Transport-Security max-age=15768000; } # Permanent Redirect for HTTP to HTTPS server { listen 80; server_name yourdomain.com; return 301 https://$host$request_uri; }

Comments

SSL
Load Balancing
Reverse Proxy
Redirect
Static Assets
Domain Name
Access Logging
Listen To Port