server {
       listen 80;
       server_name www.example.com example.com;
       root /var/www/www.example.com/web;

       if ($http_host != "www.example.com") {
                 rewrite ^ http://www.example.com$request_uri permanent;
       }

       index index.php index.html;

       location = /favicon.ico {
                log_not_found off;
                access_log off;
       }

       location = /robots.txt {
                allow all;
                log_not_found off;
                access_log off;
       }

       # Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac).
       location ~ /\. {
                deny all;
                access_log off;
                log_not_found off;
       }

       client_max_body_size 100M;

       location ~ /(COPYRIGHT|LICENSE|README|htaccess)\.txt {
                deny  all;
       }
       location ~ ^/site(-[^/]+)?/assets/(.*\.php|backups|cache|config|install|logs|sessions) {
                deny  all;
       }
       location ~ ^/site(-[^/]+)?/install {
                deny  all;
       }
       location ~ ^/(site(-[^/]+)?|wire)/(config(-dev)?|index\.config)\.php {
                deny  all;
       }
       location ~ ^/((site(-[^/]+)?|wire)/modules|wire/core)/.*\.(inc|module|php|tpl) {
                deny  all;
       }
       location ~ ^/(site(-[^/]+)?|wire)/templates(-admin)?/.*\.(inc|html?|php|tpl) {
                deny  all;
       }

       ### GLOBAL REWRITE
       location / {
                try_files  $uri  $uri/  /index.php?it=$uri&$args;
       }

       location ~ \.php$ {
                try_files $uri =404;
                include /etc/nginx/fastcgi_params;
                fastcgi_pass unix:/var/run/php5-fpm.sock;
                fastcgi_index index.php;
                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                fastcgi_intercept_errors on;
       }
}