From c9c53149391cc8c70e3561381395bd212b2b2f0d Mon Sep 17 00:00:00 2001
From: ericgaspar <junk.eg@free.fr>
Date: Mon, 17 May 2021 22:58:01 +0200
Subject: [PATCH] Update nginx.conf

---
 conf/nginx.conf | 21 +++++++++++++--------
 1 file changed, 13 insertions(+), 8 deletions(-)

diff --git a/conf/nginx.conf b/conf/nginx.conf
index 08b68fa..ba230ca 100644
--- a/conf/nginx.conf
+++ b/conf/nginx.conf
@@ -13,12 +13,19 @@ location __PATH__/ {
   more_set_headers "X-Content-Type-Options: nosniff";
   more_set_headers "X-XSS-Protection: 1; mode=block";
   
-    index index.php;
+  index index.php;
 
-    ## only allow accessing the following php files
-    location ~ ^/(index|matomo|piwik|js/index|plugins/HeatmapSessionRecording/configs)\.php$ {
-        fastcgi_param HTTP_PROXY ""; # prohibit httpoxy: https://httpoxy.org/
-        fastcgi_pass unix:/var/run/php/php__PHPVERSION__-fpm-__NAME__.sock; #replace with the path to your PHP socket file
+  try_files $uri $uri/ =404;
+
+  location ~ [^/]\.php(/|$) {
+    fastcgi_split_path_info ^(.+?\.php)(/.*)$;
+    fastcgi_pass unix:/var/run/php/php__PHPVERSION__-fpm-__NAME__.sock;
+
+    fastcgi_index index.php;
+    include fastcgi_params;
+    fastcgi_param REMOTE_USER     $remote_user;
+    fastcgi_param PATH_INFO       $fastcgi_path_info;
+    fastcgi_param SCRIPT_FILENAME $request_filename;
     }
 
     ## deny access to all other .php files
@@ -27,12 +34,10 @@ location __PATH__/ {
         return 403;
     }
 
-    try_files $uri $uri/ =404;
-
     ## disable all access to the following directories
     location ~ ^__PATH__/(config|tmp|core|lang) {
         deny all;
-        return 403; # replace with 404 to not show these directories exist
+        return 404;
     }
 
     location ~ __PATH__/\.ht {