diff --git a/conf/nginx.conf b/conf/nginx.conf
index 15bf0d2..5055b22 100644
--- a/conf/nginx.conf
+++ b/conf/nginx.conf
@@ -103,19 +103,19 @@ location /media/attachments/ {
   more_set_headers "Access-Control-Allow-Origin: *";
 }
 
-    # This is an internal location that is used to serve
-    # media (uploaded) files once correct permission / authentication
-    # has been checked on API side.
-    # Comment the "NON-S3" commented lines and uncomment "S3" commented lines
-    # if you're storing media files in a S3 bucket.
- location ~ /_protected/media/(.+) {
-   internal;
-   alias  __DATA_DIR__/data/media/$1;                                           # NON-S3
-   # Needed to ensure DSub auth isn't forwarded to S3/Minio, see #932.
+# This is an internal location that is used to serve
+# media (uploaded) files once correct permission / authentication
+# has been checked on API side.
+# Comment the "NON-S3" commented lines and uncomment "S3" commented lines
+# if you're storing media files in a S3 bucket.
+location ~ /_protected/media/(.+) {
+  internal;
+  alias  __DATA_DIR__/data/media/$1;                                       # NON-S3
+# Needed to ensure DSub auth isn't forwarded to S3/Minio, see #932.
 #       proxy_set_header Authorization "";                                  # S3
 #       proxy_pass $1;                                                      # S3
     more_set_headers "Access-Control-Allow-Origin: *";
- }
+}
 
 location /_protected/music/ {
   # this is an internal location that is used to serve