From 029ff47286b423ab0d408bde62229e4b36b4ef69 Mon Sep 17 00:00:00 2001
From: AD7six <andydawson76@gmail.com>
Date: Mon, 28 Jul 2014 14:08:19 +0000
Subject: [PATCH 01/10] move ssl config to a seperate file

---
 h5bp/directive-only/ssl.conf | 18 ++++++++++++++++++
 nginx.conf                   | 19 +------------------
 2 files changed, 19 insertions(+), 18 deletions(-)
 create mode 100644 h5bp/directive-only/ssl.conf

diff --git a/h5bp/directive-only/ssl.conf b/h5bp/directive-only/ssl.conf
new file mode 100644
index 0000000..a4ae8ef
--- /dev/null
+++ b/h5bp/directive-only/ssl.conf
@@ -0,0 +1,18 @@
+# Protect against the BEAST attack by preferring RC4-SHA when using SSLv3 and TLS protocols.
+# Note that TLSv1.1 and TLSv1.2 are immune to the beast attack but only work with OpenSSL v1.0.1 and higher and has limited client support.
+# Ciphers set to best allow protection from Beast, while providing forwarding secrecy, as defined by Mozilla - https://wiki.mozilla.org/Security/Server_Side_TLS#Nginx
+ssl_protocols              SSLv3 TLSv1 TLSv1.1 TLSv1.2;
+ssl_ciphers                ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-ECDSA-RC4-SHA:AES128:AES256:RC4-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK;
+ssl_prefer_server_ciphers  on;
+
+# Optimize SSL by caching session parameters for 10 minutes. This cuts down on the number of expensive SSL handshakes.
+# The handshake is the most CPU-intensive operation, and by default it is re-negotiated on every new/parallel connection.
+# By enabling a cache (of type "shared between all Nginx workers"), we tell the client to re-use the already negotiated state.
+# Further optimization can be achieved by raising keepalive_timeout, but that shouldn't be done unless you serve primarily HTTPS.
+ssl_session_cache    shared:SSL:10m; # a 1mb cache can hold about 4000 sessions, so we can hold 40000 sessions
+ssl_session_timeout  10m;
+
+# This default SSL certificate will be served whenever the client lacks support for SNI (Server Name Indication).
+# Make it a symlink to the most important certificate you have, so that users of IE 8 and below on WinXP can see your main site without SSL errors.
+#ssl_certificate      /etc/nginx/default_ssl.crt;
+#ssl_certificate_key  /etc/nginx/default_ssl.key;
diff --git a/nginx.conf b/nginx.conf
index 1792f8b..76f77ee 100644
--- a/nginx.conf
+++ b/nginx.conf
@@ -118,24 +118,7 @@ http {
   # a specific directory, or on an individual server{} level.
   # gzip_static on;
 
-  # Protect against the BEAST attack by preferring RC4-SHA when using SSLv3 and TLS protocols.
-  # Note that TLSv1.1 and TLSv1.2 are immune to the beast attack but only work with OpenSSL v1.0.1 and higher and has limited client support.
-  # Ciphers set to best allow protection from Beast, while providing forwarding secrecy, as defined by Mozilla - https://wiki.mozilla.org/Security/Server_Side_TLS#Nginx
-  ssl_protocols              SSLv3 TLSv1 TLSv1.1 TLSv1.2;
-  ssl_ciphers                ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-ECDSA-RC4-SHA:AES128:AES256:RC4-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK;
-  ssl_prefer_server_ciphers  on;
-
-  # Optimize SSL by caching session parameters for 10 minutes. This cuts down on the number of expensive SSL handshakes.
-  # The handshake is the most CPU-intensive operation, and by default it is re-negotiated on every new/parallel connection.
-  # By enabling a cache (of type "shared between all Nginx workers"), we tell the client to re-use the already negotiated state.
-  # Further optimization can be achieved by raising keepalive_timeout, but that shouldn't be done unless you serve primarily HTTPS.
-  ssl_session_cache    shared:SSL:10m; # a 1mb cache can hold about 4000 sessions, so we can hold 40000 sessions
-  ssl_session_timeout  10m;
-
-  # This default SSL certificate will be served whenever the client lacks support for SNI (Server Name Indication).
-  # Make it a symlink to the most important certificate you have, so that users of IE 8 and below on WinXP can see your main site without SSL errors.
-  #ssl_certificate      /etc/nginx/default_ssl.crt;
-  #ssl_certificate_key  /etc/nginx/default_ssl.key;
+  include h5bp/directive-only/ssl.conf;
 
   include sites-enabled/*;
 }

From 08d4bbbd04e1d189493e91c5c0174fe2ea374dcc Mon Sep 17 00:00:00 2001
From: AD7six <andydawson76@gmail.com>
Date: Mon, 28 Jul 2014 14:16:09 +0000
Subject: [PATCH 02/10] remove SSLv3 from the ssl protocol list

As suggested in #44, and since h5bp doesn't support IE6 it seems to be
appropriate to remove a protocol which is in the list only to permit use
with IE6.
---
 h5bp/directive-only/ssl.conf | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/h5bp/directive-only/ssl.conf b/h5bp/directive-only/ssl.conf
index a4ae8ef..e016d06 100644
--- a/h5bp/directive-only/ssl.conf
+++ b/h5bp/directive-only/ssl.conf
@@ -1,7 +1,8 @@
-# Protect against the BEAST attack by preferring RC4-SHA when using SSLv3 and TLS protocols.
-# Note that TLSv1.1 and TLSv1.2 are immune to the beast attack but only work with OpenSSL v1.0.1 and higher and has limited client support.
+# Protect against the BEAST attack by not using SSLv3 at all. If you need to support older browsers (IE6) you may need to add
+# SSLv3 to the list of protocols below.
+ssl_protocols              TLSv1 TLSv1.1 TLSv1.2;
+
 # Ciphers set to best allow protection from Beast, while providing forwarding secrecy, as defined by Mozilla - https://wiki.mozilla.org/Security/Server_Side_TLS#Nginx
-ssl_protocols              SSLv3 TLSv1 TLSv1.1 TLSv1.2;
 ssl_ciphers                ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-ECDSA-RC4-SHA:AES128:AES256:RC4-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK;
 ssl_prefer_server_ciphers  on;
 

From d996d2da0c3d3829911731783dfe4f265ff18a58 Mon Sep 17 00:00:00 2001
From: AD7six <andydawson76@gmail.com>
Date: Mon, 28 Jul 2014 14:20:58 +0000
Subject: [PATCH 03/10] turn off ssl session tickets

Stolen from istlsfastyet.com's config

It is probably a more logical default to turn off session tickets
given the diff linked in the comment block.
---
 h5bp/directive-only/ssl.conf | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/h5bp/directive-only/ssl.conf b/h5bp/directive-only/ssl.conf
index e016d06..aa8e29c 100644
--- a/h5bp/directive-only/ssl.conf
+++ b/h5bp/directive-only/ssl.conf
@@ -13,6 +13,15 @@ ssl_prefer_server_ciphers  on;
 ssl_session_cache    shared:SSL:10m; # a 1mb cache can hold about 4000 sessions, so we can hold 40000 sessions
 ssl_session_timeout  10m;
 
+# nginx does not auto-rotate session ticket keys: only a HUP / restart will do so and
+# when a restart is performed the previous key is lost, which resets all previous
+# sessions. The fix for this is to setup a manual rotation mechanism:
+# http://trac.nginx.org/nginx/changeset/1356a3b9692441e163b4e78be4e9f5a46c7479e9/nginx
+#
+# Note that you'll have to define and rotate the keys securely by yourself. In absence
+# of such infrastructure, consider turning off session tickets:
+ssl_session_tickets off;
+
 # This default SSL certificate will be served whenever the client lacks support for SNI (Server Name Indication).
 # Make it a symlink to the most important certificate you have, so that users of IE 8 and below on WinXP can see your main site without SSL errors.
 #ssl_certificate      /etc/nginx/default_ssl.crt;

From 398036440b387d8bb5cbcba64ed9f12ba1a5b7cd Mon Sep 17 00:00:00 2001
From: AD7six <andydawson76@gmail.com>
Date: Mon, 28 Jul 2014 14:29:04 +0000
Subject: [PATCH 04/10] add increased ssl timeout

---
 h5bp/directive-only/ssl.conf | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/h5bp/directive-only/ssl.conf b/h5bp/directive-only/ssl.conf
index aa8e29c..fac81fc 100644
--- a/h5bp/directive-only/ssl.conf
+++ b/h5bp/directive-only/ssl.conf
@@ -22,6 +22,9 @@ ssl_session_timeout  10m;
 # of such infrastructure, consider turning off session tickets:
 ssl_session_tickets off;
 
+# Use a higher keepalive timeout to reduce the need for repeated handshakes
+keepalive_timeout 300; # up from 75 secs default
+
 # This default SSL certificate will be served whenever the client lacks support for SNI (Server Name Indication).
 # Make it a symlink to the most important certificate you have, so that users of IE 8 and below on WinXP can see your main site without SSL errors.
 #ssl_certificate      /etc/nginx/default_ssl.crt;

From 759bf84163e592162ea2728bb3083687d737c0fe Mon Sep 17 00:00:00 2001
From: AD7six <andydawson76@gmail.com>
Date: Mon, 28 Jul 2014 14:30:00 +0000
Subject: [PATCH 05/10] Default to use HTTP strict transport security

---
 h5bp/directive-only/ssl.conf | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/h5bp/directive-only/ssl.conf b/h5bp/directive-only/ssl.conf
index fac81fc..5df06a9 100644
--- a/h5bp/directive-only/ssl.conf
+++ b/h5bp/directive-only/ssl.conf
@@ -25,6 +25,9 @@ ssl_session_tickets off;
 # Use a higher keepalive timeout to reduce the need for repeated handshakes
 keepalive_timeout 300; # up from 75 secs default
 
+# remember the certificate for a year and automatically connect to HTTPS
+add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains';
+
 # This default SSL certificate will be served whenever the client lacks support for SNI (Server Name Indication).
 # Make it a symlink to the most important certificate you have, so that users of IE 8 and below on WinXP can see your main site without SSL errors.
 #ssl_certificate      /etc/nginx/default_ssl.crt;

From 7295a765ee3b0c588112b44762c0d2d157df00d0 Mon Sep 17 00:00:00 2001
From: AD7six <andydawson76@gmail.com>
Date: Mon, 28 Jul 2014 14:38:22 +0000
Subject: [PATCH 06/10] add stubs for ssl-stapling and spdy

---
 h5bp/directive-only/spdy.conf         | 7 +++++++
 h5bp/directive-only/ssl-stapling.conf | 5 +++++
 2 files changed, 12 insertions(+)
 create mode 100644 h5bp/directive-only/spdy.conf
 create mode 100644 h5bp/directive-only/ssl-stapling.conf

diff --git a/h5bp/directive-only/spdy.conf b/h5bp/directive-only/spdy.conf
new file mode 100644
index 0000000..b98e243
--- /dev/null
+++ b/h5bp/directive-only/spdy.conf
@@ -0,0 +1,7 @@
+# Nginx's spdy module is currently experimental
+
+# Adjust connection keepalive for SPDY clients:
+spdy_keepalive_timeout 300; # up from 180 secs default
+
+# enable SPDY header compression
+spdy_headers_comp 6;
diff --git a/h5bp/directive-only/ssl-stapling.conf b/h5bp/directive-only/ssl-stapling.conf
new file mode 100644
index 0000000..97d044f
--- /dev/null
+++ b/h5bp/directive-only/ssl-stapling.conf
@@ -0,0 +1,5 @@
+# OCSP stapling...
+ssl_stapling on;
+ssl_stapling_verify on;
+#ssl_trusted_certificate /path/to/ca.crt;
+resolver 8.8.8.8;

From 72f9509a5e1b104c87fbf93a378778a5b5888640 Mon Sep 17 00:00:00 2001
From: AD7six <andydawson76@gmail.com>
Date: Mon, 28 Jul 2014 14:42:35 +0000
Subject: [PATCH 07/10] disable ssl_session_tickets

it's only recently added so is a config error otherwise
---
 h5bp/directive-only/ssl.conf | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/h5bp/directive-only/ssl.conf b/h5bp/directive-only/ssl.conf
index 5df06a9..819ff40 100644
--- a/h5bp/directive-only/ssl.conf
+++ b/h5bp/directive-only/ssl.conf
@@ -13,6 +13,8 @@ ssl_prefer_server_ciphers  on;
 ssl_session_cache    shared:SSL:10m; # a 1mb cache can hold about 4000 sessions, so we can hold 40000 sessions
 ssl_session_timeout  10m;
 
+# Session tickets appeared in version 1.5.9
+#
 # nginx does not auto-rotate session ticket keys: only a HUP / restart will do so and
 # when a restart is performed the previous key is lost, which resets all previous
 # sessions. The fix for this is to setup a manual rotation mechanism:
@@ -20,7 +22,7 @@ ssl_session_timeout  10m;
 #
 # Note that you'll have to define and rotate the keys securely by yourself. In absence
 # of such infrastructure, consider turning off session tickets:
-ssl_session_tickets off;
+#ssl_session_tickets off;
 
 # Use a higher keepalive timeout to reduce the need for repeated handshakes
 keepalive_timeout 300; # up from 75 secs default

From b5004a9b46d5dbf8fa5969c37704d799b8120781 Mon Sep 17 00:00:00 2001
From: AD7six <andydawson76@gmail.com>
Date: Mon, 28 Jul 2014 14:44:28 +0000
Subject: [PATCH 08/10] don't include ssl config by default

If the server has no ssl config - there's no need to load a config file
full of ssl config
---
 nginx.conf | 2 --
 1 file changed, 2 deletions(-)

diff --git a/nginx.conf b/nginx.conf
index 76f77ee..b4c9126 100644
--- a/nginx.conf
+++ b/nginx.conf
@@ -118,7 +118,5 @@ http {
   # a specific directory, or on an individual server{} level.
   # gzip_static on;
 
-  include h5bp/directive-only/ssl.conf;
-
   include sites-enabled/*;
 }

From aac9d71d5494707d1385b6d7fbd6a272275ce871 Mon Sep 17 00:00:00 2001
From: AD7six <andydawson76@gmail.com>
Date: Mon, 28 Jul 2014 14:52:00 +0000
Subject: [PATCH 09/10] add ssl example site

ensure to avoid any use of if as that's "extremely inefficient" and
eliminate redirects where possible
---
 sites-available/ssl.example.com | 48 +++++++++++++++++++++++++++++++++
 1 file changed, 48 insertions(+)
 create mode 100644 sites-available/ssl.example.com

diff --git a/sites-available/ssl.example.com b/sites-available/ssl.example.com
new file mode 100644
index 0000000..2c8d4dc
--- /dev/null
+++ b/sites-available/ssl.example.com
@@ -0,0 +1,48 @@
+# Choose between www and non-www, listen on the *wrong* one and redirect to
+# the right one -- http://wiki.nginx.org/Pitfalls#Server_Name
+#
+server {
+  listen 80;
+
+  # listen on both hosts
+  server_name example.com www.example.com;
+
+  include h5bp/direcive-only/ssl.conf
+
+  # and redirect to the https host (declared below)
+  # avoiding http://www -> https://www -> https:// chain.
+  return 301 https://example.com$request_uri;
+}
+
+server {
+  listen 443 ssl spdy;
+
+  # listen on the wrong host
+  server_name www.example.com;
+
+  include h5bp/direcive-only/ssl.conf
+
+  # and redirect to the non-www host (declared below)
+  return 301 https://example.com$request_uri;
+}
+
+server {
+  listen 443 ssl spdy;
+
+  # The host name to respond to
+  server_name example.com;
+
+  include h5bp/direcive-only/ssl.conf
+
+  # Path for static files
+  root /sites/example.com/public;
+
+  #Specify a charset
+  charset utf-8;
+
+  # Custom 404 page
+  error_page 404 /404.html;
+
+  # Include the basic h5bp config set
+  include h5bp/basic.conf;
+}

From 332998a2db2a3f98b50780de49d5b90de438e0db Mon Sep 17 00:00:00 2001
From: AD7six <andydawson76@gmail.com>
Date: Mon, 28 Jul 2014 14:54:31 +0000
Subject: [PATCH 10/10] use a much longer ssl_session_timeout

To match the settiongs from istlsfastyet.com

Add a mention of ssl_buffer_size even though it can 't be enabled yet
---
 h5bp/directive-only/ssl.conf | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/h5bp/directive-only/ssl.conf b/h5bp/directive-only/ssl.conf
index 819ff40..a4da1c4 100644
--- a/h5bp/directive-only/ssl.conf
+++ b/h5bp/directive-only/ssl.conf
@@ -11,7 +11,10 @@ ssl_prefer_server_ciphers  on;
 # By enabling a cache (of type "shared between all Nginx workers"), we tell the client to re-use the already negotiated state.
 # Further optimization can be achieved by raising keepalive_timeout, but that shouldn't be done unless you serve primarily HTTPS.
 ssl_session_cache    shared:SSL:10m; # a 1mb cache can hold about 4000 sessions, so we can hold 40000 sessions
-ssl_session_timeout  10m;
+ssl_session_timeout  24h;
+
+# SSL buffer size was added in 1.5.9
+#ssl_buffer_size      1400; # 1400 bytes to fit in one MTU
 
 # Session tickets appeared in version 1.5.9
 #