diff --git a/nginx/default.conf b/nginx/default.conf
old mode 100644
new mode 100755
index eeda4e6..4e47f74
--- a/nginx/default.conf
+++ b/nginx/default.conf
@@ -1,32 +1,47 @@
 server {
- listen 80;
-
- add_header Content-Security-Policy "upgrade-insecure-requests";
- index index.php index.html;
+ listen 80; # 88 yerine 80 kullanın
 server_name localhost;
 root /var/www/public;
+ index index.php index.html;
+ # HTTPS için proxy headers
+ proxy_set_header X-Forwarded-Proto $scheme;
+ proxy_set_header X-Forwarded-Port $server_port;
+
+ # Güvenlik başlıkları
+ add_header X-Frame-Options "SAMEORIGIN" always;
+ add_header X-XSS-Protection "1; mode=block" always;
+ add_header X-Content-Type-Options "nosniff" always;
+
+ # Ana location
 location / {
 try_files $uri $uri/ /index.php?$query_string;
 }
+ # PHP dosyaları için
 location ~ \.php$ {
- proxy_set_header X-Forwarded-Proto $scheme;
- include fastcgi_params;
 fastcgi_pass app:9000;
 fastcgi_index index.php;
 fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ include fastcgi_params;
+
+ # HTTPS için ek parametreler
+ fastcgi_param HTTPS on;
+ fastcgi_param HTTP_X_FORWARDED_PROTO https;
 # Timeout ayarları
 fastcgi_read_timeout 300;
 fastcgi_connect_timeout 300;
 fastcgi_send_timeout 300;
- proxy_read_timeout 300;
- proxy_connect_timeout 300;
- proxy_send_timeout 300;
 }
+ # Gizli dosyaları engelle
 location ~ /\.ht {
 deny all;
 }
+
+ # Log dosyalarını engelle
+ location ~ /\.log {
+ deny all;
+ }
 }
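Review bot: `fastcgi_param HTTPS on;` and `fastcgi_param HTTP_X_FORWARDED_PROTO https;` in the `\.php$` location are unconditional although this server only listens on plain port 80, so PHP is told every request arrived over TLS even when it did not; if port 80 is reachable by anything other than the TLS-terminating proxy, the application may skip its HTTPS redirect and treat cleartext sessions as secure. I would derive the value from what the proxy reports, for example a `map $http_x_forwarded_proto $fastcgi_https { default ""; https on; }` at http level with `fastcgi_param HTTPS $fastcgi_https;`, and restrict port 80 to the proxy's address. The two server-level `proxy_set_header` lines have no effect as far as this file shows, because nothing here uses `proxy_pass`, so they can be dropped. The new `location ~ /\.log` only matches paths containing `/.log` (dotfiles), not files ending in `.log` as its comment says; `location ~ \.log$ { deny all; }` matches the stated intent.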