After checking the nginx ssl config from the link in your comment, I would change some things in your config. Let me get on it:
server { # more_set_headers "Server: my web server :-)"; listen 80; server_name marketplace.mercicapitaine.fr; return 301 https://$server_name$request_uri;}server { # more_set_headers "Server: my web server :-)"; listen 443 ssl; server_name marketplace.mercicapitaine.fr; ssl_certificate /home/ubuntu/ssl_2016/ssl-bundle.crt; ssl_certificate_key /home/ubuntu/ssl_2016/mckey.key; ssl_session_timeout 1d; ssl_session_cache shared:SSL:10m; # ssl_session_tickets off; # openssl dhparam -out dhparam.pem 2048 # ssl_dhparam /etc/nginx/SSL/dhparams.pem; ssl_protocols TLSv1.1 TLSv1.2; ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGC$ ssl_prefer_server_ciphers on; add_header Strict-Transport-Security "max-age=15768000;includeSubdomains; preload"; root /srv/marketapp/; index index.html index.htm index.php; client_max_body_size 20M; location / { try_files $uri $uri/ /index.php; } location ~ \.php$ { fastcgi_split_path_info ^(.+\.php)(/.+)$; fastcgi_pass unix:/var/run/ajenti-v-php-fcgi-marketplacemercicapitainefr-php-fcgi-0.sock; fastcgi_index index.php; include fastcgi_params; } location /doc/ { alias /usr/share/doc/; autoindex on; allow 127.0.0.1; deny all; } location ~/\.ht { deny all; } }- Please think about generating at least 2048 bit Diffie-Hellman parameters.
- this config above tries to adopt most of your settings and path, please review it to make sure it's correct.
- I'm doing a rewrite from port 80 to port 443 via permanent redirect
- non ssl / ssl sections split up
- see SSLLabs to check your webpage and see, if there are any additional security options you can set up.
I assume you want do setup a wordpress blog.
If there are any questions, please feel free to ask.