From dfccb44e30caed103e915860ca8876ad2381df41 Mon Sep 17 00:00:00 2001
From: Dan Janosik <janoside@users.noreply.github.com>
Date: Sun, 10 Dec 2017 13:50:57 -0500
Subject: [PATCH] update tls settings

---
 docs/btc-explorer.com.conf | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/docs/btc-explorer.com.conf b/docs/btc-explorer.com.conf
index 31a0e61..66f1277 100644
--- a/docs/btc-explorer.com.conf
+++ b/docs/btc-explorer.com.conf
@@ -14,6 +14,12 @@ server {
 	server_name btc-explorer.com;
 	listen 443 ssl http2;
 	#listen [::]:443 ssl http2 ipv6only=on;
+	
+	ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+	ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
+	ssl_prefer_server_ciphers on;
+	ssl_session_cache shared:SSL:10m;
+	ssl_dhparam /etc/ssl/certs/dhparam.pem;
 
 	location / {
 		proxy_pass http://localhost:3002;