diff --git a/nginx/nginx.conf b/nginx/nginx.conf
index cb7f488..22af29d 100644
--- a/nginx/nginx.conf
+++ b/nginx/nginx.conf
@@ -90,5 +90,11 @@ http {
 # a specific directory, or on an individual server{} level.
 # gzip_static on;
+ # Protect against the BEAST attack by preferring RC4-SHA when using SSLv3 and TLS protocols.
+ # Note that TLSv1.1 and TLSv1.2 are immune to the beast attack but only work with OpenSSL v1.0.1 and higher and has limited client support.
+ ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
+ ssl_ciphers RC4:HIGH:!aNULL:!MD5;
+ ssl_prefer_server_ciphers on;
+ include sites-enabled/*;
 }
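Review bot: With `ssl_prefer_server_ciphers on;`, the `RC4:` prefix in `ssl_ciphers` makes RC4 the negotiated cipher for every client that offers it, including the TLSv1.1/TLSv1.2 clients that the added comment itself describes as immune to BEAST, so the mitigation weakens connections that did not need it. RC4 has known keystream biases and is prohibited for TLS by RFC 7465, and `SSLv3` in `ssl_protocols` is exposed to POODLE (deprecated by RFC 7568); BEAST itself is mitigated client-side by record splitting in current browsers. I would drop both and write `ssl_protocols TLSv1.2;` (adding `TLSv1.3` where the nginx/OpenSSL build supports it) and `ssl_ciphers HIGH:!aNULL:!MD5;`, and reword the comment to say why the protocol list is restricted. Because the directives sit in the `http {}` block, they become the default for every server pulled in from `sites-enabled/*` unless a server block overrides them, which is worth stating in the comment.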