nginx.sample.conf: www redirection, security regex
according to the latest wiki info:
`return 301` is preferred over a rewrite.
also, the 'security' regex breaks some official extensions because it
will match and deny access to `/ext/phpbb`.
looking through the names of dirs and files containing `phpbb`, it
looks like the intent of the regex was to only disallow the folder
`phpbb` in the root dir and not other `/phpbb` matches.
a negative lookbehind was added to specifically not match `/ext/phpbb`
but still match other occurrences of `/phpbb`.
i've attached the config with the proposed changes.