server {
    listen      80;
    server_name example.com www.example.com;
    return 301  https://example.com$request_uri;
}

server {
    listen       443 ssl http2;
    server_name  example.com www.example.com;
    root         /home/user1/WordPress/example.com;
    index        index.php index.html index.htm;

    ssl_certificate      /home/user1/tmp/example.com/fullchain.pem;
    ssl_certificate_key  /home/user1/tmp/example.com/privkey.pem;
    #ssl_certificate      /etc/letsencrypt/live/example.com/fullchain.pem;
    #ssl_certificate_key  /etc/letsencrypt/live/example.com/privkey.pem;

    location / {
        try_files $uri $uri/ /index.php?$args;
    }

    location ~ \.php$ {
        include        fastcgi_params;
        fastcgi_param  SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_param  HTTPS on;
        fastcgi_pass   unix:/var/run/php-fpm/php-fpm.sock;
    }

    location ~* /\.well-known {
        allow all;
    }

    location = /robots.txt {
        allow all;
        log_not_found off;
        access_log off;
    }

    location ~ /\. {
        deny all;
    }

    location ~* /(?:uploads|files)/.*\.php$ {
        deny all;
    }

    location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
        expires 1y;
        log_not_found off;
    }
}