diff --git a/wo/cli/plugins/stack_migrate.py b/wo/cli/plugins/stack_migrate.py
index b514c75..67bd30a 100644
--- a/wo/cli/plugins/stack_migrate.py
+++ b/wo/cli/plugins/stack_migrate.py
@@ -9,7 +9,8 @@ from wo.core.logging import Log
 from wo.core.mysql import WOMysql
 from wo.core.shellexec import WOShellExec
 from wo.core.variables import WOVar
-from wo.core.apt_repo import WORepo
+from wo.cli.plugins.sitedb import (getAllsites)
+from wo.core.template import WOTemplate
 
 
 class WOStackMigrateController(CementBaseController):
@@ -22,6 +23,9 @@ class WOStackMigrateController(CementBaseController):
             (['--mariadb'],
                 dict(help="Migrate/Upgrade database to MariaDB",
                      action='store_true')),
+            (['--nginx'],
+                dict(help="Migrate Nginx TLS configuration to HTTP/3 QUIC",
+                     action='store_true')),
             (['--force'],
                 dict(help="Force Packages upgrade without any prompt",
                      action='store_true')),
@@ -34,11 +38,8 @@ class WOStackMigrateController(CementBaseController):
     @expose(hide=True)
     def migrate_mariadb(self, ci=False):
 
-        if WOMysql.mariadb_ping(self):
-            # Backup all database
-            WOMysql.backupAll(self, fulldump=True)
-        else:
-            Log.error(self, "Unable to connect to MariaDB")
+        # Backup all database
+        WOMysql.backupAll(self, fulldump=True)
 
         # Check current MariaDB version
         if (os.path.exists('/etc/apt/sources.list.d/wo-repo.list') and
@@ -99,10 +100,36 @@ class WOStackMigrateController(CementBaseController):
         WOShellExec.cmd_exec(self, 'systemctl enable mariadb')
         post_pref(self, WOVar.wo_mysql, [])
 
+    @expose(hide=True)
+    def migrate_nginx(self):
+
+        # Add Nginx repo
+        pre_pref(self, WOVar.wo_nginx)
+        # Install Nginx
+        Log.wait(self, "Updating apt-cache          ")
+        WOAptGet.update(self)
+        Log.valide(self, "Updating apt-cache          ")
+        Log.wait(self, "Upgrading Nginx          ")
+        if WOAptGet.install(self, WOVar.wo_nginx):
+            Log.valide(self, "Upgrading Nginx          ")
+        else:
+            Log.failed(self, "Upgrading Nginx          ")
+        allsites = getAllsites(self)
+        for site in allsites:
+            if not site:
+                pass
+            if os.path.exists(f'/var/www/{site.sitename}/conf/nginx/ssl.conf'):
+                data = dict(ssl_live_path=WOVar.wo_ssl_live,
+                            domain=site.sitename)
+                WOTemplate.deploy(
+                    self, f'/var/www/{site.sitename}/conf/nginx/ssl.conf',
+                    'ssl.mustache', data, overwrite=True)
+        post_pref(self, WOVar.wo_nginx, [])
+
     @expose(hide=True)
     def default(self):
         pargs = self.app.pargs
-        if not pargs.mariadb:
+        if not pargs.mariadb and not pargs.nginx:
             self.app.args.print_help()
         if pargs.mariadb:
             if WOVar.wo_distro == 'raspbian':
@@ -128,3 +155,8 @@ class WOStackMigrateController(CementBaseController):
             else:
                 Log.error(self, "Your current MySQL is not alive or "
                           "you allready installed MariaDB")
+        if pargs.nginx:
+            if os.path.exists('/usr/sbin/nginx'):
+                self.migrate_nginx()
+            else:
+                Log.error(self, "Unable to connect to MariaDB")
diff --git a/wo/cli/templates/ssl.mustache b/wo/cli/templates/ssl.mustache
index 511aace..640e551 100644
--- a/wo/cli/templates/ssl.mustache
+++ b/wo/cli/templates/ssl.mustache
@@ -1,3 +1,4 @@
+{{#quic}}
 # display http version used in header (optional)
 more_set_headers "X-protocol : $server_protocol always";
 
@@ -14,6 +15,7 @@ listen [::]:443 quic;
 # listen on port 443 with HTTP/2
 listen 443 ssl;
 listen [::]:443 ssl;
+{{/quic}}
 ssl_certificate     {{ssl_live_path}}/{{domain}}/fullchain.pem;
 ssl_certificate_key     {{ssl_live_path}}/{{domain}}/key.pem;
 ssl_trusted_certificate {{ssl_live_path}}/{{domain}}/ca.pem;
diff --git a/wo/core/acme.py b/wo/core/acme.py
index 7440703..39733ef 100644
--- a/wo/core/acme.py
+++ b/wo/core/acme.py
@@ -141,7 +141,7 @@ class WOAcme:
                              .format(wo_domain_name)):
 
                 data = dict(ssl_live_path=WOVar.wo_ssl_live,
-                            domain=wo_domain_name)
+                            domain=wo_domain_name, quic=True)
                 WOTemplate.deploy(self,
                                   '/var/www/{0}/conf/nginx/ssl.conf'
                                   .format(wo_domain_name),
@@ -151,7 +151,7 @@ class WOAcme:
                                     '/etc/letsencrypt'):
                 Log.info(self, "Securing WordOps backend with current cert")
                 data = dict(ssl_live_path=WOVar.wo_ssl_live,
-                            domain=wo_domain_name)
+                            domain=wo_domain_name, quic=False)
                 WOTemplate.deploy(self,
                                   '/var/www/22222/conf/nginx/ssl.conf',
                                   'ssl.mustache', data, overwrite=False)
diff --git a/wo/core/variables.py b/wo/core/variables.py
index 46951f1..cc6f12f 100644
--- a/wo/core/variables.py
+++ b/wo/core/variables.py
@@ -178,7 +178,7 @@ class WOVar():
     if wo_distro == 'raspbian':
         mariadb_ver = '10.3'
     else:
-        mariadb_ver = '10.11'
+        mariadb_ver = '11.4'
         wo_mysql = wo_mysql + ["mariadb-backup"]
 
     wo_mysql_client = ["mariadb-client", "python3-mysqldb"]