teamhephy / router

MIT License

fix(router) add missing ssl config in default host #39

Closed felixbuenemann closed 5 years ago

felixbuenemann commented 5 years ago

This is required so that clients which do not support TLS SNI (Server Name Indication) are not allowed to negotiate insecure cipher suites, because neither the ssl_prefer_server_ciphers nor the ssl_ciphers directive was present in the default vHost.

Without this patch the ssl config is set on all application vHosts, but not on the default vHost.

If a client that does not support SNI connects to NGINX, it uses the SSL config from the SSL default server, because it can only detect the correct vHost after negotiating the connection and looking at the Host header.

Cryptophobia commented 5 years ago

Nice update to the default server block. I do not think this will break any functionality. All healthcheck servers should be set to verify SNI correctly.

The way I see it, this is a fix for a bug as we want ssl ciphers to always be enforced on all clients. :100:
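A check for the gap this PR describes, as an added example that is not code from the router project: it scans an nginx config for the TLS default server of each listen address and reports it when `ssl_ciphers` or `ssl_prefer_server_ciphers` is neither set in that block nor inherited from the `http` level. The sample config, port and server names are constructed, and the default-server rule is simplified to "marked `default_server`, else the first block on that listen address".

```python
import re

REQUIRED = ("ssl_ciphers", "ssl_prefer_server_ciphers")
# Constructed sample config (not the router's real generated nginx.conf).
SAMPLE_CONF = """
http {
    server {
        listen 6443 default_server ssl;
        server_name _;
    }
    server {
        listen 6443 ssl;
        server_name app.example.com;
        ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256;
        ssl_prefer_server_ciphers on;
    }
}
"""

def server_blocks(conf):
    """Yield the body of each `server { ... }` block, found by brace matching."""
    for m in re.finditer(r"\bserver\s*\{", conf):
        depth, i = 1, m.end()
        while i < len(conf) and depth:
            depth += {"{": 1, "}": -1}.get(conf[i], 0)
            i += 1
        yield conf[m.end():i - 1]

def directives(text):
    """Map simple `name args;` directives to their arguments (last one wins)."""
    return {m[1]: m[2].strip() for m in re.finditer(r"(?m)^\s*([a-z_]+)\s+([^;{}]*);", text)}

def audit(conf):
    """Return (listen address, server_name, missing directives) per TLS default server."""
    conf = re.sub(r"#[^\n]*", "", conf)            # strip comments
    blocks, outer, defaults = list(server_blocks(conf)), conf, {}
    for b in blocks:
        outer = outer.replace(b, "")               # what remains is http-level config
        for listen in re.findall(r"(?m)^\s*listen\s+([^;]*);", b):
            tok = listen.split()
            if "ssl" in tok and ("default_server" in tok or tok[0] not in defaults):
                defaults[tok[0]] = b               # explicit default, else first block seen
    inherited = directives(outer)                  # http-level values apply to every server
    findings = []
    for addr, b in defaults.items():
        own = directives(b)
        missing = [d for d in REQUIRED if d not in own and d not in inherited]
        if missing:
            findings.append((addr, own.get("server_name", "?"), missing))
    return findings
```

Running `audit(SAMPLE_CONF)` flags the `_` server on `6443`; the application vHost is not reported because it is not the default for that address.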