diff --git a/nginx/sites-enabled/default b/nginx/sites-enabled/default
index 36ee675..fd7e877 100644
--- a/nginx/sites-enabled/default
+++ b/nginx/sites-enabled/default
@@ -17,10 +17,6 @@ server {
 		return 301 https://$server_name$request_uri;
 	}
 
-	location ^~ /diary {
-		auth_basic "Restricted";
-		auth_basic_user_file /etc/nginx/passwd/passwd;
-	}
 
 	location / {
 		add_header Strict-Transport-Security "max-age=31536000";
@@ -32,7 +28,11 @@ server {
 		proxy_set_header Connection "upgrade";
 	}
 
-	location ~ .(jpg|png|gif|css|js|pdf|scss|ico|jpeg|bmp|flv|mp4|mp3|swf|wma|wmv|asf|mmf|zip|rar|gz)$ {
+	location ~ (.*)/cdn/(.*)$ {
+		autoindex on;
+	}
+
+	location ~ .(jpg|png|gif|css|js|pdf|scss|ico|jpeg|bmp|flv|mp4|mp3|swf|wma|wmv|asf|mmf|zip|rar|gz|woff2|woff|ttf)$ {
 		proxy_pass http://127.0.0.1:8080;
 		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
 		proxy_set_header Host $http_host;
@@ -67,13 +67,5 @@ server {
 		rewrite ".*" https://git.zeekling.cn/$1;
 	}
 
-	location ~ \.php$ {
-		add_header Strict-Transport-Security "max-age=31536000";
-		include snippets/fastcgi-php.conf;
-		fastcgi_split_path_info ^(.+\.php)(/.+)$;
-		#fastcgi_index index.php;
-		fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
-		include fastcgi_params;
-	}
 }
 
diff --git a/nginx/sites-enabled/doc.conf b/nginx/sites-enabled/doc.conf
index dae15bc..c9c41ba 100644
--- a/nginx/sites-enabled/doc.conf
+++ b/nginx/sites-enabled/doc.conf
@@ -26,7 +26,7 @@ server {
 		proxy_set_header Upgrade $http_upgrade;
 	}
 
-	location ~ .(jpg|png|gif|css|js|pdf|scss|ico|jpeg|bmp|flv|mp4|mp3|swf|wma|wmv|asf|mmf|zip|rar|gz)$ {
+	location ~ .(jpg|png|gif|css|js|pdf|scss|ico|jpeg|bmp|flv|mp4|mp3|swf|wma|wmv|asf|mmf|zip|rar|gz|woff2|woff|ttf)$ {
 		proxy_pass http://127.0.0.1:8181;
 		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
 		proxy_set_header Host $http_host;
diff --git a/nginx/sites-enabled/git.conf b/nginx/sites-enabled/git.conf
index c0ab133..137408a 100644
--- a/nginx/sites-enabled/git.conf
+++ b/nginx/sites-enabled/git.conf
@@ -26,7 +26,7 @@ server {
 		proxy_set_header Upgrade $http_upgrade;
 	}
 
-	location ~ .(jpg|png|gif|css|js|pdf|scss|ico|jpeg|bmp|flv|mp4|mp3|swf|wma|wmv|asf|mmf|zip|rar|gz)$ {
+	location ~ .(jpg|png|gif|css|js|pdf|scss|ico|jpeg|bmp|flv|mp4|mp3|swf|wma|wmv|asf|mmf|zip|rar|gz|woff2|woff|ttf)$ {
 		proxy_pass http://127.0.0.1:3003;
 		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
 		proxy_set_header Host $http_host;
diff --git a/nginx/sites-enabled/img.conf b/nginx/sites-enabled/img.conf
index e117d09..7d22ea3 100644
--- a/nginx/sites-enabled/img.conf
+++ b/nginx/sites-enabled/img.conf
@@ -32,7 +32,7 @@ server {
 		try_files $uri $uri/ /api.php;
 	}
 
-	location ~ .(jpg|png|gif|css|js|pdf|scss|ico|jpeg|bmp|flv|mp4|mp3|swf|wma|wmv|asf|mmf|zip|rar|gz)$ {
+	location ~ .(jpg|png|gif|css|js|pdf|scss|ico|jpeg|bmp|flv|mp4|mp3|swf|wma|wmv|asf|mmf|zip|rar|gz|woff2|woff|ttf)$ {
 		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
 		proxy_set_header Host $http_host;
 		proxy_set_header Upgrade $http_upgrade;
@@ -48,6 +48,9 @@ server {
 	location /ads.txt {
 		autoindex on;
 	}
+	location /shenma-site-verification.txt {
+		autoindex on;
+	}
 	location /admin {
 		add_header Strict-Transport-Security "max-age=31536000";
 		try_files $uri /admin/index.php?$args;