From 9b54f8665be0342b20486f39ac9c8411b33c430c Mon Sep 17 00:00:00 2001
From: ericgaspar <junk.eg@free.fr>
Date: Sun, 28 Nov 2021 14:32:32 +0100
Subject: [PATCH] Update nginx.conf

---
 conf/nginx.conf | 62 ++++++++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 61 insertions(+), 1 deletion(-)

diff --git a/conf/nginx.conf b/conf/nginx.conf
index 27ea414..289c78b 100644
--- a/conf/nginx.conf
+++ b/conf/nginx.conf
@@ -9,7 +9,8 @@ location __PATH__/ {
   # Common parameter to increase upload size limit in conjunction with dedicated php-fpm file
   #client_max_body_size 50M;
 
-  try_files $uri $uri/ index.php;
+  try_files $uri $uri/ /index.php$is_args$args;
+
   location ~ [^/]\.php(/|$) {
     fastcgi_split_path_info ^(.+?\.php)(/.*)$;
     fastcgi_pass unix:/var/run/php/php__PHPVERSION__-fpm-__NAME__.sock;
@@ -26,6 +27,65 @@ location __PATH__/ {
     #fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
   }
 
+
+    # Images.
+    rewrite ^/(\d)(-[\w-]+)?/.+\.jpg$ /img/p/$1/$1$2.jpg last;
+    rewrite ^/(\d)(\d)(-[\w-]+)?/.+\.jpg$ /img/p/$1/$2/$1$2$3.jpg last;
+    rewrite ^/(\d)(\d)(\d)(-[\w-]+)?/.+\.jpg$ /img/p/$1/$2/$3/$1$2$3$4.jpg last;
+    rewrite ^/(\d)(\d)(\d)(\d)(-[\w-]+)?/.+\.jpg$ /img/p/$1/$2/$3/$4/$1$2$3$4$5.jpg last;
+    rewrite ^/(\d)(\d)(\d)(\d)(\d)(-[\w-]+)?/.+\.jpg$ /img/p/$1/$2/$3/$4/$5/$1$2$3$4$5$6.jpg last;
+    rewrite ^/(\d)(\d)(\d)(\d)(\d)(\d)(-[\w-]+)?/.+\.jpg$ /img/p/$1/$2/$3/$4/$5/$6/$1$2$3$4$5$6$7.jpg last;
+    rewrite ^/(\d)(\d)(\d)(\d)(\d)(\d)(\d)(-[\w-]+)?/.+\.jpg$ /img/p/$1/$2/$3/$4/$5/$6/$7/$1$2$3$4$5$6$7$8.jpg last;
+    rewrite ^/(\d)(\d)(\d)(\d)(\d)(\d)(\d)(\d)(-[\w-]+)?/.+\.jpg$ /img/p/$1/$2/$3/$4/$5/$6/$7/$8/$1$2$3$4$5$6$7$8$9.jpg last;
+    rewrite ^/c/([\w.-]+)/.+\.jpg$ /img/c/$1.jpg last;
+
+    # AlphaImageLoader for IE and FancyBox.
+    rewrite ^images_ie/?([^/]+)\.(gif|jpe?g|png)$ js/jquery/plugins/fancybox/images/$1.$2 last;
+
+    # Web service API.
+    rewrite ^/api/?(.*)$ /webservice/dispatcher.php?url=$1 last;
+
+    # Installation sandbox.
+    rewrite ^(/install(?:-dev)?/sandbox)/.* /$1/test.php last;
+
+
+    # [EDIT] Replace 'admin-dev' in this block with the name of your admin directory.
+    #https://stackoverflow.com/questions/16262497/how-to-get-prestashop-admin-dir-admin-url
+    location /admin-dev/ {
+        if (!-e $request_filename) {
+            rewrite ^ /admin-dev/index.php last;
+        }
+    }
+
+    # .htaccess, .DS_Store, .htpasswd, etc.
+    location ~ /\. {
+        deny all;
+    }
+
+    # Source code directories.
+    location ~ ^/(app|bin|cache|classes|config|controllers|docs|localization|override|src|tests|tools|translations|var|vendor)/ {
+        deny all;
+    }
+
+    # vendor in modules directory.
+    location ~ ^/modules/.*/vendor/ {
+        deny all;
+    }
+
+    # Prevent exposing other sensitive files.
+    location ~ \.(log|tpl|twig|sass|yml)$ {
+        deny all;
+    }
+
+    # Prevent injection of PHP files.
+    location /img {
+        location ~ \.php$ { deny all; }
+    }
+
+    location /upload {
+        location ~ \.php$ { deny all; }
+    }
+
   # Include SSOWAT user panel.
   include conf.d/yunohost_panel.conf.inc;
 }