diff --git a/docs/example.nginx.conf b/docs/example.nginx.conf
index bef853d26..6d45b8198 100644
--- a/docs/example.nginx.conf
+++ b/docs/example.nginx.conf
@@ -106,7 +106,7 @@ server {
     if ($uri ~ ^\/common\/onlyoffice\/.*\/index\.html.*$) { set $unsafe 1; }
 
     # everything except the sandbox domain is a privileged scope, as they might be used to handle keys
-    if ($host != sandbox.cryptpad.info) { set $unsafe 0; }
+    if ($host != $sandbox_domain) { set $unsafe 0; }
 
     # privileged contexts allow a few more rights than unprivileged contexts, though limits are still applied
     if ($unsafe) {