add_header                    X-Frame-Options "SAMEORIGIN";
add_header                    X-Content-Type-Options nosniff;
add_header                    X-XSS-Protection "1; mode=block";
add_header                    X-Robots-Tag none;
add_header                    X-Download-Options noopen;
add_header                    X-Permitted-Cross-Domain-Policies none;
add_header                    Strict-Transport-Security 'max-age=31536000; includeSubDomains;';
add_header                    Referrer-Policy no-referrer always;

%for %%location in %%nginx_locations
location %%location {
%if %%location == '/'
  root                        %slurp
%else
  alias                       %slurp
%end if
%%nginx_root_directory;
%if not %%getVar('php_fpm_installed', False)
  index                       index.html;
%else
  index                       index.php;
  location ~ ^(?<script_name>.+?\.php)(?<path_info>/.*)?$ {
    fastcgi_pass              php-fpm;
    fastcgi_index             index.php;
    fastcgi_param             SCRIPT_FILENAME $request_filename;
    include                   fastcgi_params;
  }
%end if
}
%end for