From fc279215ec8264136d8bdcfe1590f24bc4c82c53 Mon Sep 17 00:00:00 2001
From: Serghey Rodin <serghey.rodin@gmail.com>
Date: Wed, 20 Mar 2013 20:07:45 +0200
Subject: [PATCH] PCI Compliant nginx configuration

---
 install/0.9.7/rhel/nginx.conf | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/install/0.9.7/rhel/nginx.conf b/install/0.9.7/rhel/nginx.conf
index aad9cdeb1..24539f745 100644
--- a/install/0.9.7/rhel/nginx.conf
+++ b/install/0.9.7/rhel/nginx.conf
@@ -66,6 +66,10 @@ http {
     proxy_read_timeout  90;
     proxy_buffers       32 4k;
 
+    # SSL PCI Compliance
+    ssl_ciphers                 RC4:HIGH:!aNULL:!MD5:!kEDH;
+    ssl_session_cache           shared:SSL:10m;
+    ssl_prefer_server_ciphers   on;
 
     # Error pages
     error_page          403          /error/403.html;