OK, as usual posting here has been part of my process for finding the solution.
This problem is resolved, but I’d like to leave this thread here for anyone else looking for a solution to this problem and/or a working example for nginx rewrite templates!
Here’s what I did:
I created the following file:
project/
trellis/
nginx-includes/
example.com
rewrites.conf.j2
The contents of this rewrites.conf.j2 are as follows:
location ~ ^/app/uploads/formidable/css/(.*) {
try_files $uri /dev/null =404;
}
location ~ ^/app/uploads/formidable/(.*) {
if ($http_referer !~ "^http(s)?://(www\.)?example.com/.*$"){
return 403;
}
}
```
I reprovisioned my server and it resolved the issue.
This resolved the `uploads` directory being open to the world, while maintaining the `css` directory which Formidable keeps when you make changes to the default CSS using the admin.
Whew. I learned a lot today. Now I need to apply this fix to like five other sites.
Thanks for bearing with me.