diff --git a/files/inception/srcs/docker-compose.yml b/files/inception/srcs/docker-compose.yml
index b2930ff..f7630ce 100644
--- a/files/inception/srcs/docker-compose.yml
+++ b/files/inception/srcs/docker-compose.yml
@@ -72,6 +72,7 @@ services:
 depends_on:
 - wordpress
 volumes:
+ - site_data:/var/www/wordpress
 - ./nginx/secure/:/etc/nginx/templates/
 - /etc/localtime:/etc/localtime:ro
 - ./nginx/certbot/conf:/etc/letsencrypt
diff --git a/files/inception/srcs/nginx/secure/default.conf.template b/files/inception/srcs/nginx/secure/default.conf.template
index 0df9713..ab16a88 100644
--- a/files/inception/srcs/nginx/secure/default.conf.template
+++ b/files/inception/srcs/nginx/secure/default.conf.template
@@ -24,8 +24,8 @@ server {
 ssl_protocols TLSv1.2 TLSv1.3;
 ssl_certificate /etc/letsencrypt/live/${APP_DOMAIN}/fullchain.pem;
 ssl_certificate_key /etc/letsencrypt/live/${APP_DOMAIN}/privkey.pem;
- # include /etc/letsencrypt/options-ssl-nginx.conf;
- # ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
+ include /etc/letsencrypt/options-ssl-nginx.conf;
+ ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
 location ~ \.php$ {
 try_files $uri =404;
diff --git a/tasks/install-docker.yml b/tasks/install-docker.yml
index e951452..537e890 100644
--- a/tasks/install-docker.yml
+++ b/tasks/install-docker.yml
@@ -17,6 +17,7 @@
 pkg:
 - ca-certificates
 - curl
+ - make
 force: true
 - name: Add Docker GPG key and Repository
diff --git a/tasks/setup-and-start-app.yml b/tasks/setup-and-start-app.yml
index 5fb764a..da83588 100644
--- a/tasks/setup-and-start-app.yml
+++ b/tasks/setup-and-start-app.yml
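Review bot: In files/inception/srcs/docker-compose.yml the added `site_data:/var/www/wordpress` entry mounts the WordPress volume read-write into the container that also receives the nginx templates and certificates, although a front end that only serves those files needs read access. Mounting it as `- site_data:/var/www/wordpress:ro` would keep a compromise of that container from modifying site code that the `wordpress` service later executes. The service definition starts above the hunk, so the service name and the top-level declaration of `site_data` are not visible here and should be checked.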
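Review bot: In files/inception/srcs/nginx/secure/default.conf.template the newly enabled `include /etc/letsencrypt/options-ssl-nginx.conf;` sits in the same server block as the explicit `ssl_protocols TLSv1.2 TLSv1.3;` three lines above it. Certbot's stock options file normally sets `ssl_protocols` itself, so nginx is likely to reject the configuration with a duplicate-directive error; drop the explicit line (or the include) and run `nginx -t` in the container before deploying. Both files reach the container only through the `./nginx/certbot/conf:/etc/letsencrypt` bind mount, so a comment such as `# fetched by tasks/setup-and-start-app.yml into nginx/certbot/conf` above the include would document that dependency. The server block starts above and continues below the hunk.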
@@ -41,6 +41,16 @@
 state: present
 when: not ansible_check_mode
+ - name: Download recommended NGINX conf
+ ansible.builtin.get_url:
+ url: https://raw.githubusercontent.com/certbot/certbot/master/certbot-nginx/certbot_nginx/_internal/tls_configs/options-ssl-nginx.conf
+ dest: "{{ dest_dir }}/srcs/nginx/certbot/conf/options-ssl-nginx.conf"
+
+ - name: Download recommended TLS parameters
+ ansible.builtin.get_url:
+ url: https://raw.githubusercontent.com/certbot/certbot/master/certbot/certbot/ssl-dhparams.pem
+ dest: "{{ dest_dir }}/srcs/nginx/certbot/conf/ssl-dhparams.pem"
+
 - name: Run the app
 ansible.builtin.command: "make -C {{ dest_dir }}"
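Review bot: Both new `get_url` tasks in tasks/setup-and-start-app.yml fetch from the mutable `master` branch with no `checksum:`, so the TLS options and DH parameters that nginx loads are whatever that URL serves at deploy time and are never compared with a reviewed copy. Pin each URL to a release tag or commit and add `checksum: "sha256:<SHA256_OF_REVIEWED_FILE>"` (placeholder value), plus an explicit `mode: "0644"`, since these files are bind-mounted into the nginx container. Vendoring the two files next to the template would remove the deploy-time network dependency altogether. Also confirm that the `srcs/nginx/certbot/conf` directory already exists when these tasks run, because as far as I know `get_url` does not create the parent directory of `dest`.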