diff --git a/services/nginx.nix b/services/nginx.nix
index d5f1a6b..238e048 100644
--- a/services/nginx.nix
+++ b/services/nginx.nix
@@ -7,6 +7,8 @@ networking.firewall.allowedTCPPorts = [80 443];
 
 services.nginx = {
         enable = true;
+	sslProtocols = "TLSv1 TLSv1.1 TLSv1.2";
+#	sslCiphers = "DHE+RSA+AES128+SHA:EECDH+aRSA+AESGCM:EDH+aRSA:EECDH+aRSA:+AES256:+AES128:+SHA1:!CAMELLIA:!SEED:!3DES:!DES:!RC4:!eNULL";
         recommendedGzipSettings = true;
         recommendedOptimisation = true;
         recommendedProxySettings = true;