server {
	listen 80 default_server;
	listen [::]:80 default_server;

	# SSL configuration
	#
	# listen 443 ssl default_server;
	# listen [::]:443 ssl default_server;
	#
	# Note: You should disable gzip for SSL traffic.
	# See: https://bugs.debian.org/773332
	#
	# Read up on ssl_ciphers to ensure a secure configuration.
	# See: https://bugs.debian.org/765782
	#
	# Self signed certs generated by the ssl-cert package
	# Don't use them in a production server!
	#
	# include snippets/snakeoil.conf;

	root /var/www/html;

	# Add index.php to the list if you are using PHP
	index index.html index.htm index.php;

	server_name _;

	location / {
		# First attempt to serve request as file, then
		# as directory, then fall back to displaying a 404.
		try_files $uri $uri/ =404;
	}

	location /phpmyadmin {
		root /usr/share/webapps/;
		auth_basic "Admin Login";
    auth_basic_user_file passwds;

    # Deny static files
    location ~ ^/phpMyAdmin/(README|LICENSE|ChangeLog|DCO)$ {
      deny all;
    }

    # Deny .md files
    location ~ ^/phpMyAdmin/(.+\.md)$ {
      deny all;
    }

    # Deny setup directories
    location ~ ^/phpMyAdmin/(doc|sql|setup)/ {
      deny all;
    }

    location ~ ^/phpmyadmin/(.+\.php)$ {
      fastcgi_pass      127.0.0.1:9000;
      fastcgi_index     index.php;
      include           fastcgi.conf;
      fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
      try_files $uri $document_root$fastcgi_script_name =404;

      fastcgi_split_path_info ^(.+\.php)(/.*)$;
      fastcgi_param PATH_INFO $fastcgi_path_info;

      fastcgi_param HTTP_PROXY "";
      fastcgi_param HTTPS on;
      fastcgi_request_buffering off;
    }

    location ~ ^/phpmyadmin/(.*\.(eot|otf|woff|ttf|css|js|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|xls|tar|bmp))$ {
      root /usr/share/webapps/;
      expires 30d;
      log_not_found off;
      access_log off;
    }
	}

	# pass PHP scripts to FastCGI server
	location ~ \.php$ {
		fastcgi_pass      127.0.0.1:9000;
    fastcgi_index     index.php;
    include           fastcgi.conf;
		fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
	}

	# deny access to .htaccess files, if Apache's document root
	# concurs with nginx's one
	location ~ /\.ht {
		deny all;
	}

  ## Images and static content is treated different
  location ~* ^.+.(jpg|jpeg|gif|css|png|js|ico|xml)$ {
    access_log        off;
    expires           max;
  }

	location ~ /(libraries|setup/frames|setup/libs) {
		deny all;
		return 404;
	}

	location /nginx_status {
	  stub_status on;
	  access_log   off;
	  allow 127.0.0.1;
	  # allow CURRENT-SERVER-IP;
	  deny all;
	}

  # website should not be displayed inside a <frame>, an <iframe> or an <object>
  add_header X-Frame-Options DENY;
}