From 42ff84d991cdfcc108781c07afc259f316e36e61 Mon Sep 17 00:00:00 2001
From: Alex Thomassen <alex@thomassen.xyz>
Date: Tue, 18 Aug 2020 13:41:44 +0200
Subject: [PATCH] [NGINX] SSL Params - Update to follow intermediate config
 from Moz

---
 ssl_params.conf | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/ssl_params.conf b/ssl_params.conf
index 8dbd16e..aecb73c 100644
--- a/ssl_params.conf
+++ b/ssl_params.conf
@@ -1,5 +1,7 @@
 ssl_protocols TLSv1.2 TLSv1.3;
 ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
-ssl_prefer_server_ciphers on;
+ssl_prefer_server_ciphers off;
 ssl_dhparam /etc/nginx/dhparams.pem;
-ssl_session_cache shared:SSL:10m;
\ No newline at end of file
+ssl_session_cache shared:SSL:10m;
+ssl_session_timeout 1d;
+ssl_session_tickets off;
\ No newline at end of file