Sanity check of my config - is it secure?

benseb nginx-forum at
Sun May 22 22:37:46 MSD 2011

For our static subdomain (which should only serve static content) I'd
like to add a whitelist of content - so if the filename doesn't match
jpg/png/gif/css/js etc it will return a 444

What's the correct syntax to do this:

location !~* \.(?:ico|css|js|gif|jpe?g|png)$ {
               #dont serve any other files
               return 444;

The above doesnt work as !~* isn't allowed. What the best way to say
"not one of the following extensions". All the examples in the
documenation are the opposite?


Posted at Nginx Forum:,199902,199950#msg-199950

More information about the nginx mailing list