It's a good tutorial to get a base gateway online, but there are some security configs I would add which aren't listed there, and it also doesn't talk about enabling HTTPS.

In my `sites-enabled` config:

```
ssl_protocols TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384;
ssl_ecdh_curve secp384r1;
```

In my `nginx.conf`:

```
# xss and x-frame protection
add_header X-Frame-Options "DENY";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options nosniff;

# HSTS
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;

# ssl settings
ssl_protocols TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;

# disable server tokens
server_tokens off;

## buffer policy
client_body_buffer_size 1K;
client_header_buffer_size 1k;
client_max_body_size 1k;
large_client_header_buffers 2 1k;
## end buffer policy
```
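
A check worth running on a setup like this, as an added example that is not part of the original comment: nginx inherits `add_header` directives from the enclosing level only when the current level defines none of its own, so a single `add_header` in a `server` or `location` block silently drops the http-level headers set in `nginx.conf`. The sketch assumes the `sites-enabled` include has already been inlined into one text; the sample config, its `/api` location and the function names are constructed for illustration.

```python
import re
# Response headers the comment sets at http level in nginx.conf (lower-cased).
REQUIRED = frozenset({"x-frame-options", "x-xss-protection",
                      "x-content-type-options", "strict-transport-security"})
TOKEN = re.compile(r'#[^\n]*|"(?:\\.|[^"\\])*"|\'(?:\\.|[^\'\\])*\'|[{};]|[^\s{};"\'#]+')

# Constructed sample: the comment's headers plus a hypothetical location override.
SAMPLE = """
http {
    add_header X-Frame-Options "DENY";
    add_header X-XSS-Protection "1; mode=block";
    add_header X-Content-Type-Options nosniff;
    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
    server {
        location / { proxy_pass http://127.0.0.1:8080; }
        location /api { add_header Cache-Control "no-store"; }
    }
}
"""

def parse(text):
    """Parse nginx config text into a tree of (words, children-or-None) items."""
    tokens = (t for t in TOKEN.findall(text) if not t.startswith("#"))
    def block():
        items, words = [], []
        for tok in tokens:  # shared iterator: a nested block consumes its own tokens
            if tok == "}":
                break
            if tok in (";", "{"):
                items.append((words, block() if tok == "{" else None))
                words = []
            else:
                words.append(tok.strip("\"'"))
        return items
    return block()

def dropped_headers(items, inherited=frozenset(), path="main"):
    """List (block path, lost headers) where an add_header discards inherited ones."""
    own = frozenset(w[1].lower() for w, kids in items
                    if kids is None and len(w) > 1 and w[0] == "add_header")
    effective = own or inherited  # any add_header at this level replaces the inherited set
    lost = sorted((inherited & REQUIRED) - effective)
    findings = [(path, lost)] if lost else []
    for words, kids in items:
        if kids is not None:
            findings += dropped_headers(kids, effective, f"{path} > {' '.join(words)}")
    return findings
```

Calling `dropped_headers(parse(SAMPLE))` reports the `/api` location, where the fix is to repeat the four headers next to the `Cache-Control` line.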