diff --git a/volumes/conf.d/etherpad.zinomedia.de.conf b/volumes/conf.d/etherpad.zinomedia.de.conf
index 54e4605..ecea1fe 100644
--- a/volumes/conf.d/etherpad.zinomedia.de.conf
+++ b/volumes/conf.d/etherpad.zinomedia.de.conf
@@ -11,47 +11,32 @@ server {
     ssl_certificate /etc/letsencrypt/live/etherpad.zinomedia.de/fullchain.pem;
     ssl_certificate_key /etc/letsencrypt/live/etherpad.zinomedia.de/privkey.pem;
 
-    # optional basic auth
+    # (optional) basic auth
     auth_basic "Protected";
     auth_basic_user_file /usr/share/nginx/html/etherpad.zinomedia.de/.htpasswd;
 
-    # ---- Allow normal files to pass through (exactly like wiki) ----
-    location ~ ^/(locales/|locales\.json|admin/|static/|pluginfw/|javascripts/|socket\.io/|ep/|minified/|api/|ro/|error/|jserror/|favicon\.ico|robots\.txt|.*\.js)$ {
-        proxy_pass http://etherpad:9001;
-        proxy_buffering off;
-        proxy_set_header Host $host;
-        proxy_pass_header Server;
-        proxy_http_version 1.1;
-        proxy_set_header Upgrade $http_upgrade;
-        proxy_set_header Connection $connection_upgrade;
-        proxy_set_header X-Real-IP $remote_addr;
-        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-        proxy_set_header X-Forwarded-Proto $scheme;
-    }
-
-    # ---- Redirect /p/* to the friendly version /<pad> (client-side 301; per wiki) ----
-    location /p/ {
-        rewrite ^/p/(.*) /$1 redirect;
-    }
-
-    # ---- Home page ----
-    location ~ ^/$ {
-        proxy_pass http://etherpad:9001;
-        proxy_buffering off;
-        proxy_set_header Host $host;
-        proxy_pass_header Server;
-        proxy_http_version 1.1;
-        proxy_set_header Upgrade $http_upgrade;
-        proxy_set_header Connection $connection_upgrade;
-        proxy_set_header X-Real-IP $remote_addr;
-        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-        proxy_set_header X-Forwarded-Proto $scheme;
-    }
-
-    # ---- Handle pad URLs (the trick) ----
-    # Upstream redirects to /p/<pad>; we rewrite that back to /<pad> for the browser.
     location / {
-        proxy_redirect / /p/;
+        rewrite ^/$ / break;
+        rewrite ^/locales/(.*) /locales/$1 break;
+        rewrite ^/locales.json /locales.json break;
+        rewrite ^/admin(.*) /admin$1 break;
+        rewrite ^/p/(.*) /p/$1 break;
+        rewrite ^/static/(.*) /static/$1 break;
+        rewrite ^/pluginfw/(.*) /pluginfw/$1 break;
+        rewrite ^/javascripts/(.*) /javascripts/$1 break;
+        rewrite ^/socket.io/(.*) /socket.io/$1 break;
+        rewrite ^/ep/(.*) /ep/$1 break;
+        rewrite ^/minified/(.*) /minified/$1 break;
+        rewrite ^/api/(.*) /api/$1 break;
+        rewrite ^/ro/(.*) /ro/$1 break;
+        rewrite ^/error/(.*) /error/$1 break;
+        rewrite ^/jserror(.*) /jserror$1 break;
+        rewrite ^/redirect(.*) /redirect$1 break;
+        rewrite ^/(.*\.js) /$1 break;
+        rewrite /favicon.ico /favicon.ico break;
+        rewrite /robots.txt /robots.txt break;
+        rewrite /(.*) /p/$1;
+
         proxy_pass http://etherpad:9001;
         proxy_buffering off;
         proxy_set_header Host $host;