root __FINALPATH__/;
 location __PATH__  
 {
	# Force https
	if ($scheme = http) 
		
	{
		rewrite ^ https://$server_name$request_uri? permanent;
	}
		
	if (!-e $request_filename) 
		
	{
		rewrite ^(.*)$ /index.php?q=$1;
	}
			
 }
  

 # Example PHP configuration
 index index.php index.html;
 try_files $uri $uri/ index.php;
 location ~ [^/]\.php(/|$) 
 {
	fastcgi_split_path_info ^(.+?\.php)(/.*)$;
    fastcgi_pass unix:/var/run/php5-fpm-__NAME__.sock;
    fastcgi_index index.php;
    include fastcgi_params;
    fastcgi_param   REMOTE_USER   $remote_user;
    fastcgi_param  PATH_INFO $fastcgi_path_info;
    fastcgi_param SCRIPT_FILENAME $request_filename;
    
    # Set max upload size
    client_max_body_size 256M;
    fastcgi_buffers 64 4K;

 }

 # make sure webfinger and other well known services aren't blocked
 # by denying dot files and rewrite request to the front controller
 location ^~ /.well-known/ 
 {
	allow all;
    if (!-e $request_filename) 
    {
      rewrite ^(.*)$ /index.php?q=$1;
    }
 }

 # statically serve these file types when possible
 # otherwise fall back to front controller
 # allow browser to cache them
 # added .htm for advanced source code editor library
 # location ~* \.(jpg|jpeg|gif|png|ico|css|js|htm|html|map|ttf|woff|woff2|svg)$ {
 #  expires 30d;
 #  try_files $uri /index.php?q=$uri&$args;
 # }
  
 # block these file types
 location ~* \.(tpl|md|tgz|log|out)$ 
 
 {
	deny all;
 }
  
 # deny access to all dot files
 location ~ /\. 
 
 {
    deny all;
 }
	
 #deny access to store
 location ~ /store 
 
 {
	deny  all;
 }