server {
    listen      80;
    server_name example.com www.example.com;
    access_log  /var/log/nginx/example.com.access.log;
    error_log   /var/log/nginx/example.com.error.log;
    rewrite_log on;
    root        /var/www/example.com/app/webroot;
    index       index.php index.html index.htm;

    # Compression
    gzip       on;
    gzip_types text/plain text/css;
    gzip_vary  on;

    # Forward from www. to non-www.
    # Notice 'permanent' forwards the browser,
    #        'last'      rewrites under the hood
    if ($host = 'www.example.com') {
        rewrite ^/(.*)$ http://example.com/$1 permanent;
        break;
    }

    # No hotlinking of images
    location ~* (\.jpg|\.png|\.css)$ {
        if ($http_referer !~ ^(http://mydomain.com) ) {
            return 403;
        }
    }

    # Not found this on disk? 
    # Feed to CakePHP for further processing!
    if (!-e $request_filename) {
        rewrite ^/(.+)$ /index.php?url=$1 last;
        break;
    }

    # Pass the PHP scripts to FastCGI server
    # listening on 127.0.0.1:9000
    location ~ \.php$ {
        # fastcgi_pass   unix:/tmp/php-fastcgi.sock;
        fastcgi_pass   127.0.0.1:9000;
        fastcgi_intercept_errors on; # to support 404s for PHP files not found
        fastcgi_index  index.php;
        fastcgi_param  SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include        fastcgi_params;
    }
    
    # Static files.
    # Set expire headers, Turn off access log
    location ~* \favicon.ico$ {
        access_log off;
        expires 1d;
    }
    # Set the expiry date to an insane amount
    # if you can add a filestamp to the url:
    # '/css/style.css?t='.filemtime('/css/style.css')
    # Or let an Asset Manager do it for you
    location ~ ^/(img|cjs|ccss)/ {
        add_header Cache-Control public;
        access_log off;
        expires 90d;
    }

    # Deny access to .htaccess files,
    # git & svn repositories, etc
    location ~ /(\.ht|\.git|\.svn) {
        deny  all;
    }
}