Unable to locate record in ngnix config

Hello,

I have some recommendations in my WordPress Defender Plugin. However I'm having trouble putting the recommended code in the server config.

I'm running LEMP Stack VPS. I'm accessing /etc/ngnix/ngnix.conf ... it looks like this

user www-data;
worker_processes 4;
pid /run/nginx.pid;

events {
worker_connections 768;
# multi_accept on;
}

http {

##
# Basic Settings
##

sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# server_tokens off;

server_names_hash_bucket_size 64;
# server_name_in_redirect off;

include /etc/nginx/mime.types;
default_type application/octet-stream;

##
# Logging Settings
##

access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;

# Enable Gzip compression
gzip on;

# Compression level (1-9)
gzip_comp_level 5;

# Don't compress anything under 256 bytes
gzip_min_length 256;

# Compress output of these MIME-types
gzip_types
application/atom+xml
application/javascript
application/json
application/rss+xml
application/vnd.ms-fontobject
application/x-font-ttf
application/x-javascript
application/x-web-app-manifest+json
application/xhtml+xml
application/xml
font/opentype
image/svg+xml
image/x-icon
text/css
text/plain
text/javascript
text/x-component;

# Disable gzip for bad browsers
gzip_disable "MSIE [1-6]\.(?!.*SV1)";
##
# nginx-naxsi config
##
# Uncomment it if you installed nginx-naxsi
##

#include /etc/nginx/naxsi_core.rules;

##
# nginx-passenger config
##
# Uncomment it if you installed nginx-passenger
##

#passenger_root /usr;
#passenger_ruby /usr/bin/ruby;

##
# Virtual Host Configs
##

include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
# set client body size to 4M #
client_max_body_size 4M;
}

#mail {
# # See sample authentication script at:
# # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
#
# # auth_http localhost/auth.php;
# # pop3_capabilities "TOP" "USER";
# # imap_capabilities "IMAP4rev1" "UIDPLUS";
#
# server {
# listen localhost:110;
# protocol pop3;
# proxy on;
# }
#
# server {
# listen localhost:143;
# protocol imap;
# proxy on;
# }
#}

The defender recommendation is as follows:
OVERVIEW

Often servers are incorrectly configured, and can allow an attacker to get access to sensitive information that can be used in attacks. WP Defender can help you prevent that disclosure.

HOW TO FIX

For NGINX servers:

Copy the generated code into your site specific .conf file usually located in a subdirectory under /etc/nginx/... or /usr/local/nginx/conf/...
Add the code above inside the server section in the file, right before the php location block. Looks something like:

location ~ \.php$ {

Reload NGINX.
## WP Defender - Prevent information disclosure ##
# Turn off directory indexing
autoindex off;

# Deny access to htaccess and other hidden files
location ~ /\. {
deny all;
}

# Deny access to wp-config.php file
location = /wp-config.php {
deny all;
}

# Deny access to revealing or potentially dangerous files in the /wp-content/ directory (including sub-folders)
location ~* ^/wp-content/.*\.(txt|md|exe|sh|bak|inc|pot|po|mo|log|sql)$ {
deny all;
}
## WP Defender - End ##

And

OVERVIEW

By default, a plugin/theme vulnerability could allow a PHP file to get uploaded into your site's directories and in turn execute harmful scripts that can wreak havoc on your website. Prevent this altogether by disabling direct PHP execution in directories that don't require it.

HOW TO FIX

For NGINX servers:

Copy the generated code into your site specific .conf file usually located in a subdirectory under /etc/nginx/... or /usr/local/nginx/conf/...
Add the code above inside the server section in the file, right before the php location block. Looks something like:

location ~ \.php$ {

Reload NGINX.
## WP Defender - Prevent PHP Execution ##
# Stop php access except to needed files in wp-includes
location ~* ^/wp-includes/.*(?<!(js/tinymce/wp-tinymce))\.php$ {
internal; #internal allows ms-files.php rewrite in multisite to work
}

# Specifically locks down upload directories in case full wp-content rule below is skipped
location ~* /(?:uploads|files)/.*\.php$ {
deny all;
}

# Deny direct access to .php files in the /wp-content/ directory (including sub-folders).
# Note this can break some poorly coded plugins/themes, replace the plugin or remove this block if it causes trouble
location ~* ^/wp-content/.*\.php$ {
deny all;
}
## WP Defender - End ##

I have tried placing it in different parts of the file without luck. Ngnix will not restart.

Any help would be appreciated.