server {
        listen 443 ssl;
        server_name             monit.example.org

        ssl_certificate         /etc/nginx/ssl/example.crt;
        ssl_certificate_key     /etc/nginx/ssl/example.key;

	ssl_prefer_server_ciphers On;
	ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
	ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS;
	add_header Strict-Transport-Security max-age=15768000;
	ssl_session_cache shared:SSL:50m;
	ssl_session_timeout 10m;

        location / { 
                proxy_pass      http://127.0.0.1:2812;
                proxy_set_header Host 127.0.0.1;
                proxy_set_header        X-Real-IP       $remote_addr;
                proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header        X-Forwarded-Proto $scheme;
                add_header              Front-End-Https   on; 
        }   

}