Correct configuration of nginx for rewrite and access control

Here is my current nginx config server_name web.com; server_tokens off; root /usr/share/nginx/html/web; index index.php; if ( $request_uri ~ "/index.(php|html?)" ) { rewrite ^ /$1 permanent; } location / { try_files $uri $uri/ /index.php?$args =404; } error_page 404 /404.html; error_page 500 502 503 504 /50x.html; location = /50x.html { root /usr/share/nginx/html; } location ~ /\.ht { deny all; } location ~ \.php$ { try_files $uri =404; fastcgi_split_path_info ^(.+\.php)(/.+)$; fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock; fastcgi_index index.php; include fastcgi_params; } What I'm trying to do: 1. web.com?page=somepage&other_arg=arg&.. rewrite to web.com/somepage/arg/.... My methods didn't work, sometimes giving errors: failed (104: Connection reset by peer) while reading response header from upstream or accept4() failed (24: Too many open files) 2. Allow direct access via browser URL only to index.php in root folder. Other files and directories can't be accessed via browser (but can through GET,POST, etc) I used internal directive, worked as expected, however I couldn't set exception for index.php Could anyone suggest an optimal method of doing that?