diff --git a/nginx/nginx.conf b/nginx/nginx.conf
index 22af29d..c6b97bf 100644
--- a/nginx/nginx.conf
+++ b/nginx/nginx.conf
@@ -96,5 +96,12 @@ http {
   ssl_ciphers                RC4:HIGH:!aNULL:!MD5;
   ssl_prefer_server_ciphers  on;
 
+  # Optimize SSL by caching session parameters for 10 minutes. This cuts down on the number of expensive SSL handshakes.
+  # The handshake is the most CPU-intensive operation, and by default it is re-negotiated on every new/parallel connection.
+  # By enabling a cache (of type "shared between all Nginx workers"), we tell the client to re-use the already negotiated state.
+  # Further optimization can be achieved by raising keepalive_timeout, but that shouldn't be done unless you serve primarily HTTPS.
+  ssl_session_cache    shared:SSL:10m; # a 1mb cache can hold about 4000 sessions, so we can hold 40000 sessions
+  ssl_session_timeout  10m;
+
   include sites-enabled/*;
 }