What do you guys think about implement this into nginx just like it is in apache? if ( $fastcgi_script_name ~ \..*\/.*php ) { return 403; } because without that some servers which allows to upload images are vulnerable to external exploits. Posted at Nginx Forum: http://forum.nginx.org/read.php?2,204051,204051#msg-204051