Jump to content

Nginx and setup sub domain websites.

Joveice
 Share
Go to solution Solved by Joveice,

For some reason I managed to fix it now, Not sure what I did tho.

Posted

Schools are mostly shit, im probably just a tiny bit futher then you are. Teach it yourself, you will come across more then you learn at a normal school that says something like Application programming course etc.

 

If you keep just doing this kind of stuff maybe post here and there tiny bit of your code just to see what people are saying about it you will get pretty far.

 

Not even so long ago, and i have not improved much in cleaning up my code. Just hack stuff into eachother and make it work, cleaning up comes later.

Once you start seeing it is kind of fun you will make time for researching alot so you dont look like a 12 year old script kiddie. Im promoted to a 13 year old script kiddie i believe.

Just post shitty code and people will be gladly to help, some are just negative minded people but there will be always some nice people in the programming section.

 

Quote or mention me if not feel ignored 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
  • Author
4 minutes ago, Cruorzy said:

Schools are mostly shit, im probably just a tiny bit futher then you are. Teach it yourself, you will come across more then you learn at a normal school that says something like Application programming course etc.

 

If you keep just doing this kind of stuff maybe post here and there tiny bit of your code just to see what people are saying about it you will get pretty far.

 

Not even so long ago, and i have not improved much in cleaning up my code. Just hack stuff into eachother and make it work, cleaning up comes later.

Once you start seeing it is kind of fun you will make time for researching alot so you dont look like a 12 year old script kiddie. Im promoted to a 13 year old script kiddie i believe.

Just post shitty code and people will be gladly to help, some are just negative minded people but there will be always some nice people in the programming section.

 

Yea I have noticed the nice people like you, already have had a few private messages with people who helped me out :) And all thanks to this forum!

Back-end developer, electronics "hacker"

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
  • Author
22 hours ago, Cruorzy said:

Letsencrypt is more then enough, would recommend using a 302 redirect instead of a 301. You might have some issues with having a normal HTTP session when you fuck up ur certificate lols. You got to clear you browser cache and pray it will remove the permanent 301 redirect.

 

Add these rules instead of the ones you have, and you will have a A+ overall rating :)

  


		ssl_certificate /etc/letsencrypt/certs/fullchain1.pem;
        ssl_certificate_key /etc/letsencrypt/certs/privkey1.pem;

        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_prefer_server_ciphers on;
        ssl_dhparam /etc/letsencrypt/dhparam.pem;
        ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
        ssl_session_timeout 1d;
        ssl_session_cache shared:SSL:50m;
        ssl_stapling on;
        ssl_stapling_verify on;
        add_header Strict-Transport-Security max-age=15768000;

 

If you building your website in PHP (server side) i would recommend focus on that alot before putting something major online.

This failed to start, And I checked what the reason was, I don't have a dhparam.pem, what does that mean? (I did config it to point to the right files)

 

Back-end developer, electronics "hacker"

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

Not sure if you are running linux but here is how you create one on linux

  

Generate Strong Diffie-Hellman Group

To further increase security, you should also generate a strong Diffie-Hellman group. To generate a 2048-bit group, use this command:

sudo openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048
This may take a few minutes but when it's done you will have a strong DH group at /etc/ssl/certs/dhparam.pem.

https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-16-04

Quote or mention me if not feel ignored 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
  • Author
1 minute ago, Cruorzy said:

Not sure if you are running linux but here is how you create one on linux

  


Generate Strong Diffie-Hellman Group

To further increase security, you should also generate a strong Diffie-Hellman group. To generate a 2048-bit group, use this command:

sudo openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048
This may take a few minutes but when it's done you will have a strong DH group at /etc/ssl/certs/dhparam.pem.

https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-16-04

Running Ubuntu server 16.04, so thank you :)

Back-end developer, electronics "hacker"

Link to comment
Share on other sites
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing Programs, Apps and Websites

×