# Sample nginx configuration file for phpBB.
# Global settings have been removed, copy them
# from your system's nginx.conf.
# Tested with nginx 0.8.35.

# If you want to use the X-Accel-Redirect feature,
# add the following to your config.php.
#
#  define('PHPBB_ENABLE_X_ACCEL_REDIRECT', true);
#
# See http://wiki.nginx.org/XSendfile for the details
# on X-Accel-Redirect.

http {
    # Compression - requires gzip and gzip static modules.
    gzip on;
    gzip_static on;
    gzip_vary on;
    gzip_http_version 1.1;
    gzip_min_length 700;

    # Compression levels over 6 do not give an appreciable improvement
    # in compression ratio, but take more resources.
    gzip_comp_level 6;

    # IE 6 and lower do not support gzip with Vary correctly.
    gzip_disable "msie6";
    # Before nginx 0.7.63:
    #gzip_disable "MSIE [1-6]\.";

    # Catch-all server for requests to invalid hosts.
    # Also catches vulnerability scanners probing IP addresses.
    server {
        # default specifies that this block is to be used when
        # no other block matches.
        listen 80 default;

        server_name bogus;
        return 444;
        root /var/empty;
    }

    # If you have domains with and without www prefix,
    # redirect one to the other.
    server {
        # Default port is 80.
        #listen 80;

        server_name myforums.com;

        # A trick from http://wiki.nginx.org/Pitfalls#Taxing_Rewrites:
        return 301 http://www.myforums.com$request_uri;
    }

    # The actual board domain.
    server {
        #listen 80;
        server_name www.myforums.com;

        root /path/to/phpbb;

        location / {
            # phpBB uses index.htm
            index index.php index.html index.htm;
            try_files $uri $uri/ @rewriteapp;
        }

        location @rewriteapp {
            rewrite ^(.*)$ /app.php/$1 last;
        }

        # Deny access to internal phpbb files.
        location ~ /(config\.php|common\.php|cache|files|images/avatars/upload|includes|(?<!ext/)phpbb(?!\w+)|store|vendor) {
            deny all;
            # deny was ignored before 0.8.40 for connections over IPv6.
            # Use internal directive to prohibit access on older versions.
            internal;
        }

        # Pass the php scripts to fastcgi server specified in upstream declaration.
        location ~ \.php(/|$) {
            # Unmodified fastcgi_params from nginx distribution.
            include fastcgi_params;
            # Necessary for php.
            fastcgi_split_path_info ^(.+\.php)(/.*)$;
            fastcgi_param PATH_INFO $fastcgi_path_info;
            fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
            fastcgi_param DOCUMENT_ROOT $realpath_root;
            try_files $uri $uri/ /app.php$is_args$args;
            fastcgi_pass php;
        }

        # Correctly pass scripts for installer
        location /install/ {
            # phpBB uses index.htm
            try_files $uri $uri/ @rewrite_installapp =404;

            # Pass the php scripts to fastcgi server specified in upstream declaration.
            location ~ \.php(/|$) {
                # Unmodified fastcgi_params from nginx distribution.
                include fastcgi_params;
                # Necessary for php.
                fastcgi_split_path_info ^(.+\.php)(/.*)$;
                fastcgi_param PATH_INFO $fastcgi_path_info;
                fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
                fastcgi_param DOCUMENT_ROOT $realpath_root;
                try_files $uri $uri/ /install/app.php$is_args$args =404;
                fastcgi_pass php;
            }
        }

        location @rewrite_installapp {
            rewrite ^(.*)$ /install/app.php/$1 last;
        }

        # Deny access to version control system directories.
        location ~ /\.svn|/\.git {
            deny all;
            internal;
        }
    }

    # If running php as fastcgi, specify php upstream.
    upstream php {
        server unix:/tmp/php.sock;
    }
}