server {
    server_name  example.com www.example.com;
    charset utf-8;
    root /srv/projects/example.com;

    # Настройки сжатия
    gzip on;
    gzip_disable "msie6";
    gzip_comp_level 6;
    gzip_min_length  1100;
    gzip_buffers 16 8k;
    gzip_proxied any;
    gzip_types text/plain application/xml
    application/javascript
    text/css
    text/js
    text/xml
    application/x-javascript
    text/javascript
    application/json
    application/xml+rss;

    # Настройки клиентов
    client_max_body_size            100m;
    client_body_buffer_size         128k;
    client_header_timeout           3m;
    client_body_timeout             3m;
    send_timeout                    3m;
    client_header_buffer_size       1k;
    large_client_header_buffers     4 16k;

    # Логирование
    access_log /srv/projects/example.com/access.log;
    error_log  /srv/projects/example.com/error.log;

    # Индексный файл
    index index.php;

    # Безопасные заголовки
    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";
    add_header X-Frame-Options "SAMEORIGIN";
    add_header X-Content-Type-Options nosniff;

    # Обработка запросов
    location / {
        try_files $uri @ee_frame;
    }

    location @ee_frame { 
        rewrite ^/(.+)$ /index.php?route=$1 last; 
    } 

    location ~ \.php$ {
        try_files $uri =404;
        fastcgi_pass unix:/run/php/php8.1-fpm.sock;
        fastcgi_buffers 16 16k;
        fastcgi_buffer_size 32k;
        fastcgi_index index.php;
        include fastcgi_params;
        fastcgi_read_timeout 300;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    }

    # Блокировка доступа к определенным папкам
    location ~ /(logs|classes|layouts|inc) {
        deny all;
        return 404;
    }

    # Защита от нежелательных файлов
    location ~ /\.ht {
        deny all;
    }

    location ~* \/\.git {
        deny all;
    }

    # Ограничение запросов (если требуется)
    #limit_req_zone $binary_remote_addr zone=one:10m rate=5r/s;
}
