Akaunting/nginx/nginx.conf

# Generic startup file.
user www-data;

#usually equal to number of CPUs you have. run command "grep processor /proc/cpuinfo | wc -l" to find it
worker_processes  auto;
worker_cpu_affinity auto;

error_log  /var/log/nginx/error.log;
pid        /var/run/nginx.pid;

# Keeps the logs free of messages about not being able to bind().
#daemon     off;

events {
    worker_connections  1024;
}

http {
#   rewrite_log on;

    include mime.types;
    default_type       application/octet-stream;
    access_log         /var/log/nginx/access.log;
    sendfile           on;
#   tcp_nopush         on;
    keepalive_timeout  64;
#   tcp_nodelay        on;
#   gzip               on;
        #php max upload limit cannot be larger than this       
    client_max_body_size 13m;
    index              index.php index.html index.htm;

    # Upstream to abstract backend connection(s) for PHP.
    upstream php {
                #this should match value of "listen" directive in php-fpm pool
        server unix:/tmp/php-fpm.sock;
        server localhost:9000;
    }

    server {
            listen 80 default_server;

            server_name _;

            root /var/www/html;

            add_header X-Frame-Options "SAMEORIGIN";
            add_header X-XSS-Protection "1; mode=block";
            add_header X-Content-Type-Options "nosniff";

            index index.html index.htm index.php;

            charset utf-8;

            location / {
                    try_files $uri $uri/ /index.php?$query_string;
            }

            # Prevent Direct Access To Protected Files
            location ~ \.(env|log) {
                    deny all;
            }

            # Prevent Direct Access To Protected Folders
            location ~ ^/(^app$|bootstrap|config|database|overrides|resources|routes|storage|tests|artisan) {
                    deny all;
            }

            # Prevent Direct Access To modules/vendor Folders Except Assets
            location ~ ^/(modules|vendor)\/(.*)\.((?!ico|gif|jpg|jpeg|png|js\b|css|less|sass|font|woff|woff2|eot|ttf|svg).)*$ {
                    deny all;
            }

            error_page 404 /index.php;

            # Pass PHP Scripts To FastCGI Server
            location ~ \.php$ {
                    fastcgi_split_path_info ^(.+\.php)(/.+)$;
                    fastcgi_pass php;
                    fastcgi_index index.php;
                    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                    include fastcgi_params;
            }

            location ~ /\.(?!well-known).* {
                    deny all;
            }
    }
}