diff --git a/roles/web_server/defaults/main.yml b/roles/web_server/defaults/main.yml
index ea44145714df27aa1d6d9933ea7336d3c8f4e243..e7bd8e9e2cfc6bb09cabf7f5d0ed0cd1c58e7c62 100644
--- a/roles/web_server/defaults/main.yml
+++ b/roles/web_server/defaults/main.yml
@@ -5,9 +5,14 @@ web_default_title: "Welcome"
 web_default_message: "You are attempting to access the web server using a wrong name or an IP address. Please check your URL."
 web_server_tls_protocols:
   - "TLSv1.2"
-web_server_tls_ciphers: "DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-GCM-SHA384:\
-DHE-RSA-AES256-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-GCM-SHA384:\
-ECDHE-RSA-AES256-SHA384:!aNULL:!MD5:!EXPORT"
+web_server_tls_ciphers: "\
+DHE-RSA-AES128-GCM-SHA256:\
+DHE-RSA-AES256-GCM-SHA384:\
+DHE-RSA-CHACHA20-POLY1305:\
+ECDHE-RSA-AES128-GCM-SHA256:\
+ECDHE-RSA-AES256-GCM-SHA384:\
+ECDHE-RSA-CHACHA20-POLY1305:\
+!aNULL:!MD5:!EXPORT"
 
 # Internal parameters
 php_fpm_package_name: "php-fpm"