How to Block Access to Files with a Specific Extension in Nginx

         Sometimes for security reasons we want to block user access to files with a specific extension. Below we’ll discuss the interception method under Nginx — once configured, front-end access will directly return a 403 code.

Sample code is as follows:

  location ~ .*/.(jsp|php|asp|aspx|sql|dmp)$  {
                    deny all;
                            }

The above code denies access to files ending in jsp, php, asp, aspx, sql, or dmp.

Leave a Comment

Your email address will not be published.