Add Google Public DNS IPv6 and Cloudflare DNS IP addresses to `resolv…

…er` (#229) Co-authored-by: Léo Colombaro <git@colombaro.fr>
h5bp · May 15, 2019 · 28874c3 · 28874c3
1 parent e300321
commit 28874c3
Showing 1 changed file with 17 additions and 1 deletion.
diff --git a/h5bp/ssl/ocsp_stapling.conf b/h5bp/ssl/ocsp_stapling.conf
@@ -10,9 +10,25 @@
 # https://wiki.mozilla.org/Security/Server_Side_TLS#OCSP_Stapling
 # https://tools.ietf.org/html/rfc6066#section-8
 # https://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_stapling
+#
+# (1) Use Cloudflare 1.1.1.1 DNS resolver
+#     https://developers.cloudflare.com/1.1.1.1/setting-up-1.1.1.1/
+#
+# (2) Use Google 8.8.8.8 DNS resolver
+#     https://developers.google.com/speed/public-dns/docs/using
+#
+# (3) Use Dyn DNS resolver
+#     https://help.dyn.com/internet-guide-setup/
 
 ssl_stapling on;
 ssl_stapling_verify on;
 
-resolver 8.8.8.8 8.8.4.4 216.146.35.35 216.146.36.36 valid=60s;
+resolver
+  # (1)
+  1.1.1.1 1.0.0.1 [2606:4700:4700::1111] [2606:4700:4700::1001]
+  # (2)
+  8.8.8.8 8.8.4.4 [2001:4860:4860::8888] [2001:4860:4860::8844]
+  # (3)
+  # 216.146.35.35 216.146.36.36 
+  valid=60s;
 resolver_timeout 2s;