diff --git a/conf/nginx.conf b/conf/nginx.conf
index 548c7e2..993d7a8 100644
--- a/conf/nginx.conf
+++ b/conf/nginx.conf
@@ -1,31 +1,33 @@
-location / {
-  alias __INSTALL_DIR__/public/;
-  # try redirecting stuff to index.php
-  rewrite ^(.*)$ /index.php$1 last;
+server {
+    listen 80;
+    server_name __DOMAIN_NAME__;
+    root /example.com/public;
 
-  index index.php;
-  client_max_body_size 256M;
-  
-  #Laravel: append $query_string
-  try_files $uri $uri/ /index.php?$query_string;
+    add_header X-Frame-Options "SAMEORIGIN";
+    add_header X-XSS-Protection "1; mode=block";
+    add_header X-Content-Type-Options "nosniff";
 
-  location ~ [^/]\.php(/|$) {
-    fastcgi_split_path_info ^(.+\.php)(/.+)$;
-    #fastcgi_pass unix:/var/run/php/php__PHP_VERSION__-fpm-__APP__.sock;
-    fastcgi_pass unix:/var/run/php/php__PHP_VERSION__-fpm.sock;
+    index index.html index.htm index.php;
 
-    fastcgi_index index.php;
-    include fastcgi_params;
-    fastcgi_param PATH_INFO $fastcgi_path_info;
-    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-    fastcgi_pass_header Authorization;
-  }
+    charset utf-8;
 
-  # Include SSOWAT user panel.
-  include conf.d/yunohost_panel.conf.inc;
-}
-# not tested; it may have trouble redirecting
-location /api/ {
-  alias __INSTALL_DIR__/public/;
-  try_files $uri $uri/ /api/index.php?$query_string;
+    location / {
+        try_files $uri $uri/ /index.php?$query_string;
+    }
+
+    location = /favicon.ico { access_log off; log_not_found off; }
+    location = /robots.txt  { access_log off; log_not_found off; }
+
+    error_page 404 /index.php;
+
+    location ~ \.php$ {
+        fastcgi_pass unix:/var/run/php__PHP_VERSION__-fpm.sock;
+        fastcgi_index index.php;
+        fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
+        include fastcgi_params;
+    }
+
+    location ~ /\.(?!well-known).* {
+        deny all;
+    }
 }