Fix nginx security issue https://nextcloud.com/blog/urgent-security-issue-in-nginx-php-fpm/

nextcloud/nginx.conf

@@ -84,7 +84,7 @@ http {
         #pagespeed off;
 
         location / {
-            rewrite ^ /index.php$request_uri;
+            rewrite ^ /index.php
         }
 
         location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
@@ -96,12 +96,14 @@ http {
 
         location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+)\.php(?:$|/) {
             fastcgi_split_path_info ^(.+\.php)(/.*)$;
+            try_files $fastcgi_script_name =404;
             include fastcgi_params;
             fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
             fastcgi_param PATH_INFO $fastcgi_path_info;
             fastcgi_param HTTPS on;
             #Avoid sending the security headers twice
             fastcgi_param modHeadersAvailable true;
+            # Enable pretty urls
             fastcgi_param front_controller_active true;
             fastcgi_pass php-handler;
             fastcgi_intercept_errors on;