On the Laravel News site there's a post showing you how to optimize your SSL support on Forge, the Laravel-related tool that makes creating and configuring servers simpler. The post focuses on a recently added feature to Forge, support for Let's Encrypt certificates, and other SSL optimizations.
Laravel Forge was recently to allow one-click installations of Let’s Encrypt certificates. It is now easier than ever to have your own SSL!Let’s take a few extra minutes to optimize your server and help it perform faster and be more secure. In this tutorial we will look at using SSL session caching, HTTP Strict Transport Security (HSTS), and Hypertext Transfer Protocol 2 (HTTP/2).
The example they give are more Force-centric but the SSL changes and optimizations themselves could be used on any server running Nginx. They talk about:
- the SSL Log-Jam Fix
- SSL Optimizations (optimized cypher suite, OCSP stapling)
- HTTP Strict Transport Security (HSTS)
- HTTP/2
The post ends with a screenshot of how to test the new configuration and how to restart the web service to put it all into effect. There's also a link to an SSL checker that can help you verify things are set up correctly.