Here is what i found to achieve this :

i denied access to every php files :

location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
allow 127.0.0.1;
deny all;
}


and then i create one rule per page (takes time with some scripts, but it worth it :)

location ~* ^/myfile.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
try_files $uri $uri/ /index.php?q=$args;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
include /etc/nginx/naxsi.rules;
allow all;
}

Every tutorials i found on nginx tell us to allow / deny in location /. ...but ^(.+\.php) is another location, not included in location /

If i follow most tutorials i am still able to reach the php files inside the location / even if i denied access to all of them. Doing this way works great :)

I hope this will help someone ... ...someday :)
Cheers :)