diff --git a/h5bp/directive-only/ssl.conf b/h5bp/directive-only/ssl.conf
index 819ff40..a4da1c4 100644
--- a/h5bp/directive-only/ssl.conf
+++ b/h5bp/directive-only/ssl.conf
@@ -11,7 +11,10 @@ ssl_prefer_server_ciphers  on;
 # By enabling a cache (of type "shared between all Nginx workers"), we tell the client to re-use the already negotiated state.
 # Further optimization can be achieved by raising keepalive_timeout, but that shouldn't be done unless you serve primarily HTTPS.
 ssl_session_cache    shared:SSL:10m; # a 1mb cache can hold about 4000 sessions, so we can hold 40000 sessions
-ssl_session_timeout  10m;
+ssl_session_timeout  24h;
+
+# SSL buffer size was added in 1.5.9
+#ssl_buffer_size      1400; # 1400 bytes to fit in one MTU
 
 # Session tickets appeared in version 1.5.9
 #