server {
	# default_server from default vhost must exist somewhere!
	listen      80;
	listen      [::]:80;
	listen      443;
	listen      [::]:443;
	# Enable this if your want HSTS (recommended)
	add_header  Strict-Transport-Security
		"max-age=15552000; includeSubdomains; preload";
	add_header  X-Frame-Options SAMEORIGIN;
	add_header  Content-Security-Policy upgrade-insecure-requests;
	add_header  X-Xss-Protection "1; mode=block" always;
	add_header  X-Content-Type-Options "nosniff" always;
	root        /var/www/vhostdir;
	index       index.php index.html index.htm;
	# vhost address
	server_name vhost.example.org;

	location / {
		# First attempt to serve request as file, then
		# as directory, then fall back to displaying a 404.
		try_files $uri $uri/ =404;
		autoindex off;
	}

	# Userdir
	#ilocation ~ ^/~(.+?)(/.*)?$ {
	#	 alias /home/$1/public_html$2;
	#	 index	index.html index.htm;
	#	 autoindex on;
	#}
	#error_page 404 /404.html;
	# redirect server error pages to the static page /50x.html
	#
	#error_page 500 502 503 504 /50x.html;
	#location = /50x.html {
	#	root /usr/share/nginx/html;
	#}
	# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
	#
	location ~ \.php$ {
		fastcgi_split_path_info ^(.+\.php)(/.+)$;
		#	# NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
		#
		#	# With php5-cgi alone:
		#	 fastcgi_pass 127.0.0.1:9000;
		#	# With php5-fpm:
		fastcgi_pass            unix:/var/run/php5-fpm.sock;
		fastcgi_index           index.php;
		#include fastcgi_params;
		include                 fastcgi.conf;
	}

	# deny access to .htaccess files, if Apache's document root
	# concurs with nginx's one
	#
	location ~ /\.ht {
		deny all;
	}
}