diff --git a/proxy/nginx.conf b/proxy/nginx.conf
index e519813..8ba2a2e 100644
--- a/proxy/nginx.conf
+++ b/proxy/nginx.conf
@@ -58,6 +58,10 @@ http {
     ssl_certificate /etc/nginx/certs/localhost.crt;
     ssl_certificate_key /etc/nginx/certs/localhost.key;
 
+    ssl_protocols TLSv1.2 TLSv1.3;
+    ssl_prefer_server_ciphers on;
+    add_header Strict-Transport-Security "max-age=3600; includeSubDomains" always;
+
     add_header X-Content-Type-Options "nosniff" always;
     add_header X-Frame-Options "DENY" always;
     add_header Referrer-Policy "strict-origin-when-cross-origin" always;