events { worker_connections 768; # multi_accept on; } http { include mime.types; include fastcgi.conf; default_type application/octet-stream; sendfile on; tcp_nopush on; server_tokens off; client_max_body_size 10M; gzip on; gzip_disable "msie6"; gzip_vary on; gzip_proxied any; gzip_comp_level 6; gzip_buffers 16 8k; gzip_http_version 1.1; gzip_types text/plain text/css application/json application/javascript application/x-javascript text/xml application/xml application/xml+rss text/javascript; server { listen 80; root /app/public; charset utf-8; index index.php; location / { try_files $uri $uri/ /index.php?$query_string; } location = /favicon.ico { access_log off; log_not_found off; } location = /robots.txt { access_log off; log_not_found off; } error_page 404 /index.php; location ~ /\.ht { deny all; } location ~ /\.(?!well-known).* { deny all; } location ~ \.php$ { add_header 'Access-Control-Allow-Credentials' 'true' always; add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always; add_header 'Access-Control-Allow-Headers' 'Accept,Authorization,Client-Id,Client-Secret,Cache-Control,Content-Type,Pragma,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With,App-Platform,App-Version,Idempotency-Key' always; fastcgi_pass php:9000; fastcgi_index index.php; } } }