|
|
|
@ -279,6 +279,18 @@ matrix_nginx_proxy_proxy_domain_additional_server_configuration_blocks: []
|
|
|
|
|
# Of course, a better solution is to just stop using browsers (like Chrome), which participate in such tracking practices.
|
|
|
|
|
matrix_nginx_proxy_floc_optout_enabled: true
|
|
|
|
|
|
|
|
|
|
# OCSP Stapling eliminating the need for clients to contact the CA, with the aim of improving both security and performance.
|
|
|
|
|
# OCSP stapling can provide a performance boost of up to 30%
|
|
|
|
|
# nginx web server supports OCSP stapling since version 1.3.7.
|
|
|
|
|
#
|
|
|
|
|
# *warning* Nginx is lazy loading OCSP responses, which means that for the first few web requests it is unable to add the OCSP response.
|
|
|
|
|
#
|
|
|
|
|
# Learn more about what it is here:
|
|
|
|
|
# - https://en.wikipedia.org/wiki/OCSP_stapling
|
|
|
|
|
# - https://blog.cloudflare.com/high-reliability-ocsp-stapling/
|
|
|
|
|
# - https://blog.mozilla.org/security/2013/07/29/ocsp-stapling-in-firefox/
|
|
|
|
|
matrix_nginx_proxy_ocsp_stapling_enabled: true
|
|
|
|
|
|
|
|
|
|
# Specifies the SSL configuration that should be used for the SSL protocols and ciphers
|
|
|
|
|
# This is based on the Mozilla Server Side TLS Recommended configurations.
|
|
|
|
|
#
|
|
|
|
|