diff --git a/Docker_Registry_Install_Guide.md b/Docker_Registry_Install_Guide.md
index 1022b19..c964401 100644
--- a/Docker_Registry_Install_Guide.md
+++ b/Docker_Registry_Install_Guide.md
@@ -110,6 +110,20 @@ sudo chmod 750 /var/lib/registry
 # Create log directory for nginx proxy
 sudo install -d -o registry-proxy -g registry-proxy /var/log/registry-proxy
+
+# Create logrotate configuration for registry proxy logs
+sudo tee /etc/logrotate.d/registry-proxy > /dev/null << 'EOF'
+/var/log/registry-proxy/*.log {
+ daily
+ rotate 14
+ compress
+ delaycompress
+ copytruncate
+ missingok
+ notifempty
+ create 644 registry-proxy registry-proxy
+}
+EOF
 ```
 ### 2.4 Install Systemd Services
@@ -205,8 +219,12 @@ http {
 server_tokens off;
 limit_req_zone $binary_remote_addr zone=reg_read:10m rate=10r/s;
 limit_req_zone $binary_remote_addr zone=reg_write:10m rate=5r/s;
+ limit_conn_zone $binary_remote_addr zone=perip:10m;
 client_max_body_size 2g;
- ssl_ciphers HIGH:!aNULL:!MD5;
+ ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:\
+ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:\
+ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256';
+ ssl_ecdh_curve X25519:P-256;
 ssl_prefer_server_ciphers on;
 ssl_verify_depth 2;
 ssl_session_cache shared:SSL:10m;
@@ -233,6 +251,7 @@ http {
 location ~ ^/v2/.+/tags/list { return 403; }
 location /v2/ {
 limit_req zone=reg_read burst=20 nodelay;
+ limit_conn perip 20;
 proxy_pass http://reg;
 proxy_set_header Host $host;
 proxy_set_header X-Forwarded-Proto https;
@@ -253,6 +272,7 @@ http {
 ssl_verify_client on;
 location /v2/ {
 limit_req zone=reg_write burst=10;
+ limit_conn perip 20;
 proxy_pass http://reg;
 proxy_set_header Host $host:$server_port;
 proxy_set_header X-Forwarded-Proto https;
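Review bot: In the logrotate stanza added by the first hunk, `copytruncate` is combined with `create 644 registry-proxy registry-proxy`, and logrotate documents that `create` has no effect when `copytruncate` is used, so the stated mode is never applied by rotation. If the line is kept as a statement of intent, 644 is also looser than proxy logs usually warrant, since they record client addresses and request paths; `create 640 registry-proxy registry-proxy` or dropping the line would be clearer. Because /var/log/registry-proxy is owned by the unprivileged `registry-proxy` account, I would also add `su registry-proxy registry-proxy` so rotation does not run as root inside a directory that account controls. `copytruncate` can lose entries written between the copy and the truncate, which is worth a sentence in the guide if these logs are meant to serve as an audit trail.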
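Review bot: The new `ssl_ciphers` value in the second hunk is broken across three lines with a trailing `\` inside a single-quoted string, but nginx has no backslash line continuation, so the backslash and newline end up inside the cipher list. The exception would be an unquoted shell heredoc that joins the lines before nginx sees them; the surrounding block starts outside the hunk, so this cannot be confirmed from here. Depending on the OpenSSL version, the list is then either rejected at load time or the first suite after each break is skipped, leaving a narrower set than the guide advertises. Keeping the value on one line avoids this: `ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256';`. The guide could then tell readers to run `nginx -t` after installing the file.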