location __PATH__  
 {
    alias __FINALPATH__/;
	# Force https
	if ($scheme = http) 
		
	{
		rewrite ^ https://$server_name$request_uri? permanent;
	}
		
	if (!-e $request_filename) 
		
	{
		rewrite ^(.*)$ /index.php?q=$1;
	}
			
    client_max_body_size 20m;
    client_body_buffer_size 128k;
    
    # Default indexes and catch-all
    index  index.php;
    charset utf-8;
  

	# Example PHP configuration
	location ~* \.php$ 
	{
	try_files $uri =404;
    fastcgi_pass unix:/var/run/php5-fpm.sock;
    fastcgi_index index.php;
    include fastcgi_params;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
	}

	# make sure webfinger and other well known services aren't blocked
	# by denying dot files and rewrite request to the front controller
	location ^~ /.well-known/ 
	{
		allow all;
		if (!-e $request_filename) 
		{
			rewrite ^(.*)$ /index.php?q=$1;
		}
	}

	# statically serve these file types when possible
	# otherwise fall back to front controller
	# allow browser to cache them
	# added .htm for advanced source code editor library
	# location ~* \.(jpg|jpeg|gif|png|ico|css|js|htm|html|map|ttf|woff|woff2|svg)$ {
	#  expires 30d;
	#  try_files $uri /index.php?q=$uri&$args;
	# }
  
	# block these file types
	location ~* \.(tpl|md|tgz|log|out)$ 
	{
		deny all;
	}
  
	# deny access to all dot files
	location ~ /\. 
	{
		deny all;
	}
	
	#deny access to store
	location ~ /store 
	{
		deny  all;
	}
 }