diff --git a/https/nginx/automatisch_letsencrypt_nginx.conf b/https/nginx/automatisch_letsencrypt_nginx.conf
index 33451eb..8961cd7 100644
--- a/https/nginx/automatisch_letsencrypt_nginx.conf
+++ b/https/nginx/automatisch_letsencrypt_nginx.conf
@@ -12,6 +12,7 @@ server {
         
         # Forward to Automatisch site which is running on port 7757
         proxy_pass http://main:7757;
+        proxy_http_version 1.1;
     }               
 
     location ~ /.well-known/acme-challenge/ {
diff --git a/https/nginx/automatisch_letsencrypt_nginx_template.conf b/https/nginx/automatisch_letsencrypt_nginx_template.conf
index 33451eb..8961cd7 100644
--- a/https/nginx/automatisch_letsencrypt_nginx_template.conf
+++ b/https/nginx/automatisch_letsencrypt_nginx_template.conf
@@ -12,6 +12,7 @@ server {
         
         # Forward to Automatisch site which is running on port 7757
         proxy_pass http://main:7757;
+        proxy_http_version 1.1;
     }               
 
     location ~ /.well-known/acme-challenge/ {
diff --git a/https/nginx/secondary_automatisch_letsencrypt_nginx.conf b/https/nginx/secondary_automatisch_letsencrypt_nginx.conf
index d180163..8664392 100644
--- a/https/nginx/secondary_automatisch_letsencrypt_nginx.conf
+++ b/https/nginx/secondary_automatisch_letsencrypt_nginx.conf
@@ -1,7 +1,6 @@
-# nginx conf file to use after LetsEncrypt SSL certs have been created
+# initial nginx conf file needed when running certbot container the first time to generate ssl certs
 # replace <HOSTNAME> with your DNS i.e.automatisch.lasthourhosting.org
 
- 
 server {
 
     # nginx http port
@@ -19,12 +18,17 @@ server {
 server {
 
     # nginx https port
-    listen      443 ssl http2;
-    listen      [::]:443 ssl http2;
-
+    listen      443 ssl;
+    listen      [::]:443 ssl;
+    http2 	    on;
     # use ssl letsencrypt certs
     ssl_certificate      /etc/letsencrypt/live/<HOSTNAME>/fullchain.pem;
     ssl_certificate_key  /etc/letsencrypt/live/<HOSTNAME>/privkey.pem;
+    ssl_ciphers EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH;
+    ssl_prefer_server_ciphers on;
+    ssl_session_cache shared:SSL:10m;
+    ssl_session_timeout 1h;
+    
     server_name <HOSTNAME>;
 
 
@@ -32,6 +36,7 @@ server {
 
         # Forward to Automatisch site which is running on port 7757
         proxy_pass http://main:7757/;
+        proxy_http_version 1.1;
         proxy_set_header Host $host;
         proxy_set_header X-Real-IP $remote_addr;
         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
@@ -41,4 +46,4 @@ server {
     location ~ /.well-known/acme-challenge/ {
         root /var/www/certbot;
     }        
-}    
\ No newline at end of file
+}