#it's already in the http directive

server {
    listen 25000 ssl;

    root /root/attachment-server/attachment-server/;

    add_header Access-Control-Allow-Origin * always;

    charset utf-8;

    client_body_buffer_size 0;
    client_max_body_size 0;
    gzip off;
    proxy_buffering off;
    proxy_request_buffering off;
    fastcgi_buffering off;
    fastcgi_request_buffering off;
    tcp_nopush off;
    tcp_nodelay on;

    location = / {
        allow all;
        index index.html;
    }

    location = /index.html {
        allow all;
    }

    location = /api.php {
        allow all;
        include fastcgi_params;
        fastcgi_pass unix:/var/run/php8.2-fpm.sock;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_read_timeout 1800s;
    }

    location /assets/ {
        allow all;
    }

    location / {
        deny all;
    }

    error_page 405 =200 $uri;

    ssl_certificate /root/wp24-atdl.ly65.top_ecc/cert1.pem;
    ssl_certificate_key /root/wp24-atdl.ly65.top_ecc/privkey1.pem;

    ssl_session_timeout 5m;
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
    ssl_prefer_server_ciphers on;
}