Tom-Alexander/silverstripe.conf

## silverstripe.conf
fastcgi_buffer_size 128k;
fastcgi_buffers 4 256k;
fastcgi_busy_buffers_size 256k;
proxy_connect_timeout 90;
proxy_send_timeout 180;
proxy_read_timeout 180;
proxy_buffer_size 128k;
proxy_buffers 4 256k;
proxy_busy_buffers_size 256k;
proxy_intercept_errors on;

# Defend against SS-2015-013 -- http://www.silverstripe.org/software/download/security-releases/ss-2015-013
if ($http_x_forwarded_host) {
    return 400;
}

location / {
    try_files $uri /framework/main.php?url=$uri&$query_string;
}

error_page 404 /assets/error-404.html;
error_page 500 /assets/error-500.html;

location ^~ /assets/ {
    sendfile on;
    try_files $uri =404;
}

location ~ /framework/.*(main|rpc|tiny_mce_gzip)\.php$ {
    fastcgi_keep_conn on;
    fastcgi_pass   127.0.0.1:9000;
    fastcgi_index  index.php;
    fastcgi_param  SCRIPT_FILENAME $document_root$fastcgi_script_name;
    include        fastcgi_params;
}

location ~ /(mysite|framework|cms)/.*\.(php|php3|php4|php5|phtml|inc)$ {
    deny all;
}

location ~ /\.. {
    deny all;
}

location ~ \.ss$ {
    satisfy any;
    allow 127.0.0.1;
    deny all;
}

location ~ web\.config$ {
    deny all;
}

location ~ \.ya?ml$ {
    deny all;
}

location ^~ /vendor/ {
    deny all;
}

location ~* /silverstripe-cache/ {
    deny all;
}

location ~* composer\.(json|lock)$ {
    deny all;
}

location ~* /(cms|framework)/silverstripe_version$ {
    deny all;
}

location /themes {
    rewrite "^(.+)\.(?:v\w{10,32})\.(js|css|png|jpg|gif)$" $1.$2 last;
    try_files $uri =404;
}

location ~ \.php$ {
    fastcgi_keep_conn on;
    fastcgi_pass   127.0.0.1:9000;
    fastcgi_index  index.php;
    fastcgi_param  SCRIPT_FILENAME $document_root$fastcgi_script_name;
    include        fastcgi_params;
    fastcgi_buffer_size 256k;
    fastcgi_busy_buffers_size 512k;
    fastcgi_buffers 4 256k;
    client_max_body_size 100M;
}
	fastcgi_buffer_size 128k;
	fastcgi_buffers 4 256k;
	fastcgi_busy_buffers_size 256k;
	proxy_connect_timeout 90;
	proxy_send_timeout 180;
	proxy_read_timeout 180;
	proxy_buffer_size 128k;
	proxy_buffers 4 256k;
	proxy_busy_buffers_size 256k;
	proxy_intercept_errors on;

	# Defend against SS-2015-013 -- http://www.silverstripe.org/software/download/security-releases/ss-2015-013
	if ($http_x_forwarded_host) {
	return 400;
	}

	location / {
	try_files $uri /framework/main.php?url=$uri&$query_string;
	}

	error_page 404 /assets/error-404.html;
	error_page 500 /assets/error-500.html;

	location ^~ /assets/ {
	sendfile on;
	try_files $uri =404;
	}

	location ~ /framework/.*(main\|rpc\|tiny_mce_gzip)\.php$ {
	fastcgi_keep_conn on;
	fastcgi_pass 127.0.0.1:9000;
	fastcgi_index index.php;
	fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
	include fastcgi_params;
	}

	location ~ /(mysite\|framework\|cms)/.*\.(php\|php3\|php4\|php5\|phtml\|inc)$ {
	deny all;
	}

	location ~ /\.. {
	deny all;
	}

	location ~ \.ss$ {
	satisfy any;
	allow 127.0.0.1;
	deny all;
	}

	location ~ web\.config$ {
	deny all;
	}

	location ~ \.ya?ml$ {
	deny all;
	}

	location ^~ /vendor/ {
	deny all;
	}

	location ~* /silverstripe-cache/ {
	deny all;
	}

	location ~* composer\.(json\|lock)$ {
	deny all;
	}

	location ~* /(cms\|framework)/silverstripe_version$ {
	deny all;
	}

	location /themes {
	rewrite "^(.+)\.(?:v\w{10,32})\.(js\|css\|png\|jpg\|gif)$" $1.$2 last;
	try_files $uri =404;
	}

	location ~ \.php$ {
	fastcgi_keep_conn on;
	fastcgi_pass 127.0.0.1:9000;
	fastcgi_index index.php;
	fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
	include fastcgi_params;
	fastcgi_buffer_size 256k;
	fastcgi_busy_buffers_size 512k;
	fastcgi_buffers 4 256k;
	client_max_body_size 100M;
	}