Best Nginx config for Cloudflare optimization

Anyone knows or have a tips to config Nginx for maximize performance when using Cloudflare.

Like should my origin server away use TLS1.3/HTTP2?, or should set longer time on ssl_session_cache/ssl_session_timeout/keepalive_timeout?

Thanks you.

Start with ECDSA SSL certificates on origin instead of RSA SSL certs When combined with Nginx + OpenSSL 1.1.1 or Nginx + BoringSSL fork you will see much better ECDSA cipher performance compared to OpenSSL 1.0.2/1.1.0. My Centmin Mod Nginx builds support both OpenSSL 1.1.1 and BoringSSL built binaries :slight_smile:

FYI, Cloudflare has yet to enable TLS 1.3 CF to origin communication as yet see Cloudflare speak TLS 1.3 0-RTT with Origin Backend?

1 Like

They don’t HTTP/2 to the origin, either.


This topic was automatically closed after 30 days. New replies are no longer allowed.