server {
    listen 80;
    listen [::]:80; # IPv6 support
    listen 443 ssl http2;
    listen [::]:443 ssl http2; # IPv6 support

    server_name dev.example.com;

    index index.php;

    # Replace the path with the actual path to WordPress core files
    root /home/dev/sites/dev.example.com/public;

    # ssl_certificate "/etc/letsencrypt/live/dev.example.com/fullchain.pem";
    # ssl_certificate_key "/etc/letsencrypt/live/dev.example.com/privkey.pem";

    # access_log off;
    access_log /var/log/nginx/dev-example.com-access.log;
    error_log /var/log/nginx/dev-example.com-error.log;
    # error_log /var/log/nginx/dev-example.com-error.log debug;

    include "globals/restrictions.conf";

    location ~* \.(?:css|js|jpg|jpeg|png|gif|ico|svg|ttf|eot|woff|otf)$ { expires max; try_files $uri @prod; }

    location @prod {
        proxy_pass https://0.0.0.0;

        proxy_set_header Host "www.example.com";

        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }

    location ~ \.php$ {
        try_files $uri =404;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;

        # Mitigate https://httpoxy.org/ vulnerabilities
        fastcgi_param HTTP_PROXY "";

        include                     fastcgi.conf;
        fastcgi_index               index.php;
        fastcgi_param   SCRIPT_FILENAME    $document_root$fastcgi_script_name;
        fastcgi_intercept_errors    on;
        fastcgi_pass                fpm-dev;

        add_header "X-Cache" "MISS";
    }

    # The rewrite magic
    location / { try_files $uri $uri/ /index.php$is_args$args; }
    # include "globals/wp-super-cache.conf"; # WP Super Cache plugin support
    # include "globals/wp-rocket.conf";  # WP Rocket Cache plugin support
    # include "globals/wp-fastest-cache.conf";  # WP Rocket Cache plugin support
}