All Attic Studios webservices are available behind an Nginx reverse proxy. This was required in a downscaling attempt to get everything up and running behind a single static public IP address. Nginx was new to me at the time, but I (feel like I) have learned a lot in the mean time.

I was already running all servers with a ‘strong SSL’ snippet I found online. Today I put my configuration to the test with SSL Labs from Qualis. Big thanks for an awesome service!

The default configuration put down a solid B+, but that was of course not enough ????

An hour later, I learned some new bits about SSL, cipher suites and protocol versions. My Nginx reverse proxy is a ‘very strong SSL’ snippet richer and the first sites are finishing with nothing short of an A+. Whoop-whoop.

I’ll be switching over more services to the most secure SSL configuration. Should anyone experience any issues, let me know!