| # HTTPS安全配置 | |
| proxy_cookie_path / "/; httponly; secure; SameSite=Lax"; | |
| add_header Strict-Transport-Security "max-age=31536000; includeSubdomains; preload"; | |
| #SSL-START SSL相关配置,请勿删除或修改下一行带注释的404规则 | |
| ssl_certificate /www/server/panel/ssl/certificate.pem; | |
| ssl_certificate_key /www/server/panel/ssl/privateKey.pem; | |
| ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; | |
| ssl_ciphers EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:!MD5; | |
| ssl_prefer_server_ciphers on; | |
| ssl_session_cache shared:SSL:1m; | |
| ssl_session_timeout 1m; | |
| add_header Strict-Transport-Security "max-age=31536000"; | |
| add_header X-Frame-Options SAMEORIGIN; | |
| error_page 497 https://$http_host$request_uri; | |
| #SSL-END |