Update nginx controls based on the new Apache 2.4 stig

[rx294]

Now that new apache stig 2.4 is out it might be time to do a walkthrough to see which nginx controls need to be updated.

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Apache_Server_2-4_UNIX_STIG.zip

eg: the current nginx control allows
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

however apache stig 2.4 disallows anything but TLSv1.2

[samcornwell]

I'm taking a quick look at this, not sure if I'll get through it all