diff --git a/nginx/nginx.conf b/nginx/nginx.conf
index 6e7acb6..4e2f07b 100644
--- a/nginx/nginx.conf
+++ b/nginx/nginx.conf
@@ -1,26 +1,28 @@
 user nginx;
 worker_processes auto;
 
-error_log  /var/log/nginx/error.log notice;
-pid        /var/run/nginx.pid;
+error_log /var/log/nginx/error.log warn;
+pid /var/run/nginx.pid;
 
 events {
-    worker_connections  1024;
+    worker_connections 1024;
 }
 
 http {
-    include       /etc/nginx/mime.types;
-    default_type  application/octet-stream;
+    include /etc/nginx/mime.types;
+    default_type application/octet-stream;
 
-    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
-                      '$status $body_bytes_sent "$http_referer" '
-                      '"$http_user_agent" "$http_x_forwarded_for"';
+    log_format main '$remote_addr - $remote_user [$time_local] "$request" '
+                    '$status $body_bytes_sent "$http_referer" '
+                    '"$http_user_agent" "$http_x_forwarded_for"';
 
-    access_log  /var/log/nginx/access.log  main;
+    access_log /var/log/nginx/access.log main;
 
-    sendfile 		on;
-
-    keepalive_timeout	65;
+    sendfile on;
+    tcp_nopush on;
+    tcp_nodelay on;
+    keepalive_timeout 65;
+    types_hash_max_size 2048;
 
     gzip on;
     gzip_vary on;
@@ -32,26 +34,33 @@ http {
         listen 80;
         listen [::]:80;
         server_name localhost;
-        port_in_redirect off;
+        root /usr/share/nginx/html;
+        index index.html index.htm;
 
-        root   /usr/share/nginx/html;
-        index  index.html index.htm;
-        rewrite ^([^.]*[^/])$ $1/ permanent;
-        try_files $uri $uri/ $uri/index.html =404;
+        location / {
+            try_files $uri $uri/ /index.html;
+        }
 
-        location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg|webp)$ {
-            expires 60d;
+        location ~* \.(?:ico|css|js|gif|jpe?g|png|svg|woff|woff2|eot|ttf|webp)$ {
+            expires 30d;
             add_header Cache-Control "public, no-transform";
         }
 
+        error_page 404 /404.html;
+        location = /404.html {
+            internal;
+        }
+
         error_page 500 502 503 504 /50x.html;
         location = /50x.html {
-            root /usr/share/nginx/html;
+            internal;
         }
 
         add_header X-Frame-Options "SAMEORIGIN";
         add_header X-Content-Type-Options "nosniff";
         add_header X-XSS-Protection "1; mode=block";
         add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
+        add_header Referrer-Policy "strict-origin-when-cross-origin";
+        add_header Permissions-Policy "geolocation=(), microphone=(), camera=()";
     }
 }