Protect against php files being send as static files

Olaf van der Spek nginx-forum at
Tue Mar 12 08:45:34 UTC 2019

Francis Daly Wrote:
> I don't think that stock-nginx has a configuration directive for this.
> "Not putting files that you don't want sent, into a directory that
> nginx
> has been told to send files from", would probably be the safest way to
> avoid external misconfiguration.

Sure, but as that's bound to happen anyway sometime somewhere, some defense
in depth would be nice.

Posted at Nginx Forum:,283274,283349#msg-283349

More information about the nginx mailing list