diff --git a/nginx-config/directive/bubbly_rock-hard-ssl.conf b/nginx-config/directive/bubbly_rock-hard-ssl.conf
index e8d87b0..a75d369 100644
--- a/nginx-config/directive/bubbly_rock-hard-ssl.conf
+++ b/nginx-config/directive/bubbly_rock-hard-ssl.conf
@@ -35,7 +35,7 @@
 # Option 2. Slightly better.
 # [WARNING] Slower and breaks some IE on mobiles.
 #ssl_ecdh_curve secp521r1;
-
+
 # Option 3. Allow either on modern systems.
 # [WARNING] Only for for nginx >= 1.11.0 and openssl >= 1.0.2
 #ssl_ecdh_curve secp521r1:secp384r1;
@@ -44,10 +44,10 @@
 #### Strict Transport Security
 # [WARNING] Strict-Transport-Security will stop HTTP access for specified time.
 # [OPTION] Include sub-domains with HSTS.
-
+
 # Option 1. [DEFAULT] Current domain only.
 add_header Strict-Transport-Security "max-age=31536000" always;
-
+
 # Option 2. includeSubDomains
 # [WARNING] This will block HTTP access to sub-domains.
 #add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always
@@ -55,8 +55,15 @@
 #### Preference & Protocols
 ssl_prefer_server_ciphers on;
+ # [OPTION] Select SSL protocols.
+
+ # Option 1. [DEFAULT] TLSv1-1.2
 ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+ # Option 2. Enable TLSv1.3
+ # [WARNING] Requires Nginx >=1.13.0 && OpenSSL >=1.1.1 built with TLSv1.3
+ #ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
+
 #### Cipher List
 # [OPTION] Pick on Cipher List from Below.
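Review bot: The new `# Option 1. [DEFAULT] TLSv1-1.2` comment in the third hunk documents a default that keeps TLSv1 and TLSv1.1 enabled, both deprecated by RFC 8996 and a downgrade target, which sits oddly in a profile named rock-hard-ssl. A hardened default would be `ssl_protocols TLSv1.2;`, with the new option 2 offered as `#ssl_protocols TLSv1.2 TLSv1.3;` rather than re-enabling the legacy versions alongside TLSv1.3. If the legacy versions are kept on purpose for old clients, the option should carry a `[WARNING]` like its neighbours, e.g. `# [WARNING] TLSv1 and TLSv1.1 are deprecated (RFC 8996); keep them only if legacy clients must connect.` The wording `TLSv1-1.2` is also easy to misread as a single version; spelling out `TLSv1, TLSv1.1, TLSv1.2` would match the directive below it.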