Be aware that on various blogs and Gists suggest to implement IP.Board PHP protection and including commented out sections below (such as mentioned by @Foolboy) will break IP.Board:
# -- Block Access to PHP / PHTML Files
location ~ ^/(uploads|datastore|system|plugins)/.*\.(?:php\d*|phtml)$ {
allow 127.0.0.1;
deny all;
}
# -- Allow Access to Interface Files
# location ~ ^/applications/(blog|calendar|chat|cms|core|downloads|forums|gallery|nexus|pastebin|companydirectory|rules|videos|notes|iawards|links|pmviewer|readthattopic|rules)/interface/.*\.(?:php\d*|phtml)$ {
# allow all;
# }
# -- Block Access to Application PHP / PHTML Files
# location ~ ^/applications/(blog|calendar|chat|cms|core|downloads|forums|gallery|nexus|pastebin|companydirectory|rules|videos|notes|iawards|links|pmviewer|readthattopic|rules)/.*\.(?:php\d*|phtml)$ {
# allow 127.0.0.1;
# deny all;
# }