Complete the code to enable only TLS protocols in nginx.
ssl_protocols [1];The ssl_protocols directive specifies which SSL/TLS protocols nginx will accept. Modern best practice is to enable only TLS versions, excluding SSL versions.
Complete the code to set a strong cipher suite in nginx.
ssl_ciphers [1];The ssl_ciphers directive defines which encryption algorithms nginx will allow. "HIGH:!aNULL:!MD5" enables strong ciphers and excludes anonymous and weak ones.
Fix the error in the ssl_prefer_server_ciphers directive to prefer server ciphers.
ssl_prefer_server_ciphers [1];The correct value to enable server cipher preference in nginx is on. Values like 'true' or 'yes' are invalid here.
Fill both blanks to configure nginx to use only TLSv1.2 and TLSv1.3 and prefer server ciphers.
ssl_protocols [1]; ssl_prefer_server_ciphers [2];
Setting ssl_protocols to only TLSv1.2 and TLSv1.3 ensures modern secure protocols. Setting ssl_prefer_server_ciphers to on makes nginx choose the server's preferred ciphers.
Fill all three blanks to configure nginx with strong ciphers, enable TLSv1.2 and TLSv1.3, and prefer server ciphers.
ssl_ciphers [1]; ssl_protocols [2]; ssl_prefer_server_ciphers [3];
This configuration sets strong ciphers, limits protocols to TLSv1.2 and TLSv1.3, and enables server cipher preference for better security.