diff --git a/webapps/nextcloud/templates/nginx.conf.j2 b/webapps/nextcloud/templates/nginx.conf.j2
index ffb72f01..78532377 100644
--- a/webapps/nextcloud/templates/nginx.conf.j2
+++ b/webapps/nextcloud/templates/nginx.conf.j2
@@ -35,20 +35,19 @@ server {
         access_log off;
     }
 
-    # The following 2 rules are only needed for the user_webfinger app.
-    # Uncomment it if you're planning to use this app.
-    rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
-    rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
+    # Make a regex exception for `/.well-known` so that clients can still
+    # access it despite the existence of the regex rule
+    # `location ~ /(\.|autotest|...)` which would otherwise handle requests
+    # for `/.well-known`.
+    location ^~ /.well-known {
+        # The following 6 rules are borrowed from `.htaccess`
 
-    # The following rule is only needed for the Social app.
-    # Uncomment it if you're planning to use this app.
-    rewrite ^/.well-known/webfinger /public.php?service=webfinger last;
+        location = /.well-known/carddav     { return 301 /remote.php/dav/; }
+        location = /.well-known/caldav      { return 301 /remote.php/dav/; }
+        # Anything else is dynamically handled by Nextcloud
+        location ^~ /.well-known            { return 301 /index.php$uri; }
 
-    location = /.well-known/carddav {
-      return 301 $scheme://$host:$server_port/remote.php/dav;
-    }
-    location = /.well-known/caldav {
-      return 301 $scheme://$host:$server_port/remote.php/dav;
+        try_files $uri $uri/ =404;
     }
 
     # set max upload size