implemented SSL profiles (with HSTS)

based on Mozilla SSL Configuration Generator and hstspreload.org
2025-08-08 09:55:51 +08:00 · 2018-03-10 13:39:05 +01:00
parent 3396047a5c
commit 9e0eb0095c
5 changed files with 90 additions and 18 deletions
--- a/README.md
+++ b/README.md
@@ -3,12 +3,16 @@
 Online nginx configuration generator.

 ## Features
-* HTTPS (with [Let's Encrypt](https://letsencrypt.org) or custom certificate, [Mozilla SSL Configuration Generator](https://mozilla.github.io/server-side-tls/ssl-config-generator/))
+* HTTPS (with [Let's Encrypt](https://letsencrypt.org) or custom certificate)
 * HTTP2
+* [SSL profiles](https://mozilla.github.io/server-side-tls/ssl-config-generator/)
+* [HSTS](https://hstspreload.org)
+* force HTTPS
 * CDN
 * www / non-www
+* redirect subdomains
 * IPv4, IPv6
-* PHP (TCP, 5.x FPM, 7.0 FPM, 7.1 FPM, 7.2 FPM)
+* PHP (TCP, 5.x FPM, 7.0 FPM, 7.1 FPM, 7.2 FPM, 7.3 FPM)
 * WordPress security essentials (*including [CVE-2018-6389](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6389)*)
 * pass requests to index.php
 	* *[Laravel](https://laravel.com/docs/master/deployment#nginx)*
@@ -62,3 +66,5 @@ Online nginx configuration generator.
 * [NGINX Tuning For Best Performance](https://gist.github.com/denji/8359866)
 * [Hardening Your HTTP Security Headers](https://www.keycdn.com/blog/http-security-headers/)
 * [h5bp/server-configs-nginx](https://github.com/h5bp/server-configs-nginx)
+* [Diffie-Hellman DSA-like parameters](https://security.stackexchange.com/questions/95178/diffie-hellman-parameters-still-calculating-after-24-hours/95184#95184)
+* [hstspreload.org](https://hstspreload.org)