diff --git a/cfg/ngx/00101111.xyz.conf b/cfg/ngx/00101111.xyz.conf
new file mode 100644
index 0000000..a32b8e0
--- /dev/null
+++ b/cfg/ngx/00101111.xyz.conf
@@ -0,0 +1,50 @@
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# configuration of 00101111.xyz / frode klevstul / oct 2025
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+# enforce ssl and bare domain (without www) for http requests
+# ($server_name will return the first value given)
+server {
+    listen 80;
+    server_name 00101111.xyz www.00101111.xyz;
+    return 301 https://$server_name$request_uri;
+}
+
+# www to bare domain for https requests
+server {
+    listen 443 ssl;
+    listen [::]:443 ssl;
+    http2 on;
+
+    ssl_certificate /etc/nginx/acme.sh/00101111.xyz/fullchain.pem;
+    ssl_certificate_key /etc/nginx/acme.sh/00101111.xyz/key.pem;
+    ssl_trusted_certificate /etc/nginx/acme.sh/00101111.xyz/cert.pem;
+
+    server_name www.00101111.xyz;
+    return 301 $scheme://00101111.xyz$request_uri;
+}
+
+server {
+    listen 443 ssl;
+    listen [::]:443 ssl;
+    http2 on;
+
+    ssl_certificate /etc/nginx/acme.sh/00101111.xyz/fullchain.pem;
+    ssl_certificate_key /etc/nginx/acme.sh/00101111.xyz/key.pem;
+    ssl_trusted_certificate /etc/nginx/acme.sh/00101111.xyz/cert.pem;
+
+    root /var/www/00101111.xyz;
+    index index.html;
+    server_name 00101111.xyz;
+
+    # redirect 404 not found to the root
+    location / {
+	   error_page 404 = @myownredirect;
+    }
+
+    location @myownredirect {
+        return 302 /;
+    }
+
+    include fcgiwrap.conf;
+}