default

# Mautic Configuration
#
server {
	listen 80 default_server;
	listen [::]:80 default_server;
        server_name _;
        set_real_ip_from 0.0.0.0/0;

	root /var/www/html;
	index index.php;

	location / {
          try_files $uri /index.php$is_args$args;
	}

	location ~ \.php$ {
          fastcgi_split_path_info ^(.+\.php)(/.+)$;

          fastcgi_keep_conn on;
	  fastcgi_pass unix:/run/php/php7.0-fpm.sock;
          fastcgi_index  index.php;
          fastcgi_param  SCRIPT_FILENAME $document_root$fastcgi_script_name;
          include        fastcgi_params;
	}

	# deny access to .htaccess files, if Apache's document root
	# concurs with nginx's one
	#
	location ~ /\.ht {
		deny all;
	}

    # redirect index.php to root
    rewrite ^/index.php/(.*) /$1  permanent;

    # redirect some entire folders
    rewrite ^/(vendor|translations|build)/.* /index.php break;

    # Deny everything else in /app folder except Assets folder in bundles
    location ~ /app/bundles/.*/Assets/ {
        allow all;
    }
    location ~ /app/ { deny all; }

    # Deny everything else in /addons or /plugins folder except Assets folder in bundles
    location ~ /(addons|plugins)/.*/Assets/ {
        allow all;
    }
    #location ~ /(addons|plugins)/ { deny all; }

    # Deny all php files in themes folder
    location ~* ^/themes/(.*)\.php {
        deny all;
    }

    # Deny yml, twig, markdown, init file access
    location ~* /(.*)\.(?:markdown|md|twig|yaml|yml|ht|htaccess|ini)$ {
        deny all;
        access_log off;
        log_not_found off;
    }

}