upstream php {
    #server unix:/var/run/php5-fpm.sock;
    server php:9000;
}

server {
    listen 80 backlog=1024;

    server_name localhost;
    server_tokens off;

    root /htdocs;
    index index.php;

    client_body_buffer_size 8M;
    client_max_body_size 8M;

    gzip on;
    gzip_types text/plain text/css application/javascript;

    # Only requests to our Host are allowed
    if ($host !~ ^localhost$ ) {
        return 444;
    }

    # Only allow these request methods
    if ($request_method !~ ^(GET|HEAD|POST)$ ) {
        return 444;
    }

    location = /favicon.ico {
        log_not_found off;
        access_log off;
    }

    location = /robots.txt {
        allow all;
        log_not_found off;
        access_log off;
    }

    # Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac).
    location ~ /\. {
        deny all;
    }

    # Deny access to any files with a .php extension in the static directory
    location ~* /(?:static)/.*\.php$ {
        deny all;
    }

    location / {
        # This is cool because no php is touched for static content.
        # include the "?$args" part so non-default permalinks doesn't break when using query string
        try_files $uri $uri/ /index.php?$args;
    }

    location ~ \.php$ {
        #NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
        include fastcgi.conf;
        fastcgi_intercept_errors on;
        fastcgi_pass php;
    }

    location ~* \.(js|css|png|ico)$ {
        expires max;
        log_not_found off;
    }
}