From c0e79476667d2bba9c1312852048376b106458eb Mon Sep 17 00:00:00 2001
From: Marc Beninca <marc-beninca@rwx.work>
Date: Wed, 14 Aug 2019 22:09:17 +0200
Subject: [PATCH] server/nginx/harden

---
 in/personal/server/index.rst | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/in/personal/server/index.rst b/in/personal/server/index.rst
index 4cbf0d0..5b64b5a 100644
--- a/in/personal/server/index.rst
+++ b/in/personal/server/index.rst
@@ -351,8 +351,8 @@ Configuration
  # Security
 
  ssl_buffer_size 8k;
- ssl_ciphers "ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ARIA256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ARIA128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256";
- ssl_ecdh_curve "X448:X25519:P-521:P-384";
+ ssl_ciphers "ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ARIA256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384";
+ ssl_ecdh_curve "X448:X25519:P-521";
  ssl_prefer_server_ciphers on;
  ssl_protocols TLSv1.3 TLSv1.2;
  ssl_session_cache shared:ssl_session_cache:16m;