# Basis-Konfiguration für media.

# Don't allow to get framed by sites that aren't on the same domain
add_header X-Frame-Options SAMEORIGIN;

# Tell clients never to use http or self-signed (!) certificates
# There's no way to bypass this option after it has been cached!
add_header Strict-Transport-Security max-age=31536000;

location ~ /\. {
    deny all;
    access_log off;
    log_not_found off;
}

root /var/www/media;

disable_symlinks on from=$document_root;

location / {
    autoindex on;
    autoindex_exact_size on;
    autoindex_localtime off;
}