rom3r4/gist:7149525

## gistfile1.txt
server {
  listen *:80;

  server_name ___ENTER_YOUR_SITE_URL_HERE___;
  root /___PATH_TO_YOUR_DRUPAL_FILES_WITHOUT_TRAILING_DASH___;


  index index.php;

  access_log off;
  error_log /www/newvoa3r/logs/error.log;


  # advagg_css and advagg_js support
  location ~* advagg_(?:css|js)/ {
    access_log off;
    expires 365d;
    add_header ETag "";
    add_header Pragma "";
    add_header Cache-Control "public";
    try_files $uri @rewrite;
  }


  # No no for private
  location ~ ^/sites/.*/private/ {
     return 403;
  }

  # period. This includes directories used by version control systems such
  # as Subversion or Git to store control files.
  location ~ (^|/)\. {
      return 403;
  }

  location / {
     # This is cool because no php is touched for static content
     # allow 127.0.0.1;
     # deny all;
     try_files $uri @rewrite;
  }

  location @rewrite {
    # For D7 and above:
    # Clean URLs are handled in drupal_environment_initialize().
    rewrite ^ /index.php;

    # For Drupal 6 and bwlow:
    # Some modules enforce no slash (/) at the end of the URL
    # Else this rewrite block wouldn't be needed (GlobalRedirect)
    # rewrite ^/(.*)$ /index.php?q=$1;
  }

  # Fighting with ImageCache? This little gem is amazing.
  location ~ ^/sites/.*/files/imagecache/ {
    try_files $uri @rewrite;
  }

  # Catch image styles for D7 too.
  location ~ ^/sites/.*/files/styles/ {
       try_files $uri @rewrite;
  }

  location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
    expires max;
    log_not_found off;
  }


  location = /favicon.ico {
    log_not_found off;
    access_log off;
  }

  location = /robots.txt {
    allow all;
    log_not_found off;
    access_log off;
  }

  # This matters if you use drush
  location = /backup {
    deny all;
  }

  # This matters if you use drush
  location = /logs {
    deny all;
  }

  # Very rarely should these ever be accessed outside of your lan
  location ~* \.(txt|log)$ {
    deny all;
  }

  location ~ \..*/.*\.php$ {
    return 403;
  }


  location ~ \.php$ {

    fastcgi_split_path_info ^(.+\.php)(/.+)$;
    # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
    include fastcgi_params;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    fastcgi_intercept_errors on;
    fastcgi_pass phpbackend;

  }

}
	server {
	listen *:80;

	server_name ___ENTER_YOUR_SITE_URL_HERE___;
	root /___PATH_TO_YOUR_DRUPAL_FILES_WITHOUT_TRAILING_DASH___;


	index index.php;

	access_log off;
	error_log /www/newvoa3r/logs/error.log;



	# advagg_css and advagg_js support
	location ~* advagg_(?:css\|js)/ {
	access_log off;
	expires 365d;
	add_header ETag "";
	add_header Pragma "";
	add_header Cache-Control "public";
	try_files $uri @rewrite;
	}


	# No no for private
	location ~ ^/sites/.*/private/ {
	return 403;
	}

	# period. This includes directories used by version control systems such
	# as Subversion or Git to store control files.
	location ~ (^\|/)\. {
	return 403;
	}

	location / {
	# This is cool because no php is touched for static content
	# allow 127.0.0.1;
	# deny all;
	try_files $uri @rewrite;
	}

	location @rewrite {
	# For D7 and above:
	# Clean URLs are handled in drupal_environment_initialize().
	rewrite ^ /index.php;

	# For Drupal 6 and bwlow:
	# Some modules enforce no slash (/) at the end of the URL
	# Else this rewrite block wouldn't be needed (GlobalRedirect)
	# rewrite ^/(.*)$ /index.php?q=$1;
	}

	# Fighting with ImageCache? This little gem is amazing.
	location ~ ^/sites/.*/files/imagecache/ {
	try_files $uri @rewrite;
	}

	# Catch image styles for D7 too.
	location ~ ^/sites/.*/files/styles/ {
	try_files $uri @rewrite;
	}

	location ~* \.(js\|css\|png\|jpg\|jpeg\|gif\|ico)$ {
	expires max;
	log_not_found off;
	}




	location = /favicon.ico {
	log_not_found off;
	access_log off;
	}

	location = /robots.txt {
	allow all;
	log_not_found off;
	access_log off;
	}

	# This matters if you use drush
	location = /backup {
	deny all;
	}

	# This matters if you use drush
	location = /logs {
	deny all;
	}

	# Very rarely should these ever be accessed outside of your lan
	location ~* \.(txt\|log)$ {
	deny all;
	}

	location ~ \../.\.php$ {
	return 403;
	}


	location ~ \.php$ {

	fastcgi_split_path_info ^(.+\.php)(/.+)$;
	# NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
	include fastcgi_params;
	fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
	fastcgi_intercept_errors on;
	fastcgi_pass phpbackend;

	}

	}