NGINX configuration

nginx-cors-socket.conf

server {

       server_name site.com www.site.com;

       access_log /var/log/nginx/access.log;
       error_log /var/log/nginx/error.log;

        root /var/www/site.com/html/public;
        index index.php index.html;

		more_set_headers 'Access-Control-Allow-Origin: $http_origin';
        more_set_headers 'Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, DELETE, HEAD';
        more_set_headers 'Access-Control-Allow-Credentials: true';
        more_set_headers 'Access-Control-Allow-Headers: Origin,Content-Type,Accept,Authorization';


        location / {

		# Preflighted requests
		if ($request_method = 'OPTIONS') {
				more_set_headers 'Access-Control-Allow-Origin: $http_origin';
				more_set_headers 'Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD';
				more_set_headers 'Access-Control-Max-Age: 1728000';
				more_set_headers 'Access-Control-Allow-Credentials: true';
				more_set_headers 'Access-Control-Allow-Headers: Origin,Content-Type,Accept,Authorization,X-Requested-With,X-CSRF-TOKEN,X-Socket-Id';
				more_set_headers 'Content-Type: text/plain; charset=UTF-8';
				more_set_headers 'Content-Length: 0';
				return 204;
			}

			 try_files $uri $uri/ /index.php$is_args$args;
        }

        location ~ \.php$ {
                include snippets/fastcgi-php.conf;
        #
        #       # With php-fpm (or other unix sockets):
                fastcgi_pass unix:/var/run/php/php7.3-fpm.sock;
        #       # With php-cgi (or other tcp sockets):
        #       fastcgi_pass 127.0.0.1:9000;
        }

        location ~ /\.ht {
                deny all;
        }
		
		#ssl managed by certbot


}

nginx-cors.conf

server {

	# redirect to www
	#if ($host !~ ^www\.) {
	#    rewrite ^ $scheme://www.$host$request_uri permanent;
	#}

	root /var/www/site.com/html/public;

	# Add index.php to the list if you are using PHP
	index index.html index.htm index.php index.nginx-debian.html;

	server_name site.com www.site.com;

	location / {
		# First attempt to serve request as file, then
		# as directory, then fall back to displaying a 404.
		# try_files $uri $uri/ =404;
		try_files $uri $uri/ /index.php$is_args$args;
	}

	# pass PHP scripts to FastCGI server
	#
	location ~ \.php$ {
		# Add CORS
		more_set_headers "Access-Control-Allow-Origin: $http_origin";
		more_set_headers "Access-Control-Allow-Credentials: true";
		more_set_headers "Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD";
		more_set_headers "Access-Control-Allow-Headers: Keep-Alive,X-Requested-With,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization";
		more_set_headers "Access-Control-Max-Age: 1728000";


		include snippets/fastcgi-php.conf;
	#
	#	# With php-fpm (or other unix sockets):
		fastcgi_pass unix:/var/run/php/php7.3-fpm.sock;
	#	# With php-cgi (or other tcp sockets):
	#	fastcgi_pass 127.0.0.1:9000;
	}

	# deny access to .htaccess files, if Apache's document root
	# concurs with nginx's one
	#
	location ~ /\.ht {
		deny all;
	}



    # ssl extra info managed by Certbot
   
}


# Virtual Host configuration for example.com
#
# You can move that to a different file under sites-available/ and symlink that
# to sites-enabled/ to enable it.
#
#server {
#	listen 80;
#	listen [::]:80;
#
#	server_name example.com;
#
#	root /var/www/example.com;
#	index index.html;
#
#	location / {
#		try_files $uri $uri/ =404;
#	}
#}