diff --git a/backend/nginx.conf b/backend/nginx.conf
index e63dcfe..18d410e 100644
--- a/backend/nginx.conf
+++ b/backend/nginx.conf
@@ -39,15 +39,15 @@ http {
             internal;
             alias /code/media/;
             try_files $uri =404;
+        }
 
-            # Nested location for PDFs
-            location ~* \.pdf$ {
-                add_header Content-Security-Policy "default-src 'self'; script-src 'none'; object-src 'none'; base-uri 'none'" always;
-                add_header X-Content-Type-Options nosniff always;
-                add_header X-Frame-Options SAMEORIGIN always;
-                add_header Content-Disposition "inline" always;
-    }
-}
+        # Separate location for PDFs under /protectedMedia/
+        location ~* ^/protectedMedia/.*\.pdf$ {
+            add_header Content-Security-Policy "default-src 'self'; script-src 'none'; object-src 'none'; base-uri 'none'" always;
+            add_header X-Content-Type-Options nosniff always;
+            add_header X-Frame-Options SAMEORIGIN always;
+            add_header Content-Disposition "inline" always;
+        }
 
 
     }