[ticket/15385] nginx.sample.conf: www redirection, security regex

according to the latest wiki info:
    http://wiki.nginx.org/Pitfalls#Taxing_Rewrites
`return 301` is preferred over a rewrite.

also, the 'security' regex breaks some official extensions because it
will match and deny access to `/ext/phpbb`.
looking through the names of dirs and files containing `phpbb`, it
looks like the intent of the regex was to only disallow the folder
`phpbb` in the root dir and not other `/phpbb` matches.
a negative lookbehind was added to specifically not match `/ext/phpbb`
but still match other occurrences of `/phpbb`.

Tracker ticket: https://tracker.phpbb.com/browse/PHPBB3-15385

phpBB/docs/nginx.sample.conf

@@ -49,9 +49,7 @@ http {
         server_name myforums.com;
 
         # A trick from http://wiki.nginx.org/Pitfalls#Taxing_Rewrites:
-        rewrite ^ http://www.myforums.com$request_uri permanent;
+        return 301 http://www.myforums.com$request_uri;
-        # Equivalent to:
-        #rewrite ^(.*)$ http://www.myforums.com$1 permanent;
     }
 
     # The actual board domain.
@@ -72,7 +70,7 @@ http {
         }
 
         # Deny access to internal phpbb files.
-        location ~ /(config\.php|common\.php|cache|files|images/avatars/upload|includes|phpbb|store|vendor) {
+        location ~ /(config\.php|common\.php|cache|files|images/avatars/upload|includes|(?<!ext/)phpbb|store|vendor) {
             deny all;
             # deny was ignored before 0.8.40 for connections over IPv6.
             # Use internal directive to prohibit access on older versions.