@magnetikonline
Last active December 12, 2015 07:18
Magento Nginx default deny ruleset.
# a fairly complete set of deny rules for Magento when running under Nginx webserver
# replicating functionality from the .htaccess files present in a base install.
location ~ "\.htaccess$" {
    deny all;
}
location ^~ /app/ {
    deny all;
}
location ^~ /downloader/template/ {
    deny all;
}
location ^~ /includes/ {
    deny all;
}
location ^~ /lib/ {
    deny all;
}
location ^~ /media/customer/ {
    deny all;
}
location ^~ /media/downloadable/ {
    deny all;
}
location ^~ /pkginfo/ {
    deny all;
}
location ^~ /var/ {
    deny all;
}
# optional: leave this block out if cron.php is called from the webserver side (but that is pretty tacky - crontab with PHP CLI is better for this job)
location = /cron.php {
    deny all;
}
location = /mage {
    deny all;
}
location = /RELEASE_NOTES.txt {
    deny all;
}
location ~ "\.sh$" {
    deny all;
}
location ~ "^/downloader/.+\.(cfg|ini|xml)$" {
    deny all;
}
location ~ "^/errors/.+\.(phtml|xml)$" {
    deny all;
}
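
The ruleset relies on nginx's location precedence: `=` wins outright, a longest-prefix match marked `^~` suppresses regex checks, and otherwise the first matching regex in file order wins. The sketch below is an added example, not part of the gist; it models that selection for an already-normalized URI path so the deny rules can be checked offline. The `location /` catch-all and the `\.php$` handler are hypothetical stand-ins for the rest of a server block.

```python
import re

# (modifier, pattern, action) in file order. The "deny" entries are the gist's
# rules; the last two entries are assumed, hypothetical parts of the
# surrounding server block and are not in the gist.
RULES = [
    ("~", r"\.htaccess$", "deny"),
    ("^~", "/app/", "deny"),
    ("^~", "/downloader/template/", "deny"),
    ("^~", "/includes/", "deny"),
    ("^~", "/lib/", "deny"),
    ("^~", "/media/customer/", "deny"),
    ("^~", "/media/downloadable/", "deny"),
    ("^~", "/pkginfo/", "deny"),
    ("^~", "/var/", "deny"),
    ("=", "/cron.php", "deny"),
    ("=", "/mage", "deny"),
    ("=", "/RELEASE_NOTES.txt", "deny"),
    ("~", r"\.sh$", "deny"),
    ("~", r"^/downloader/.+\.(cfg|ini|xml)$", "deny"),
    ("~", r"^/errors/.+\.(phtml|xml)$", "deny"),
    ("", "/", "static"),        # assumed catch-all prefix location
    ("~", r"\.php$", "php"),    # assumed PHP handler
]

def select(uri):
    """Return the (modifier, pattern, action) rule chosen for a normalized URI path."""
    # 1. An exact "=" match ends the search immediately.
    for rule in RULES:
        if rule[0] == "=" and rule[1] == uri:
            return rule
    # 2. Remember the longest matching prefix location.
    prefixes = [r for r in RULES if r[0] in ("", "^~") and uri.startswith(r[1])]
    best = max(prefixes, key=lambda r: len(r[1]), default=None)
    # 3. "^~" on that prefix means regex locations are not consulted.
    if best and best[0] == "^~":
        return best
    # 4. Otherwise the first matching regex, in file order, wins.
    for rule in RULES:
        if rule[0] == "~" and re.search(rule[1], uri):
            return rule
    # 5. Fall back to the remembered prefix (None if nothing matched).
    return best

def action(uri):
    rule = select(uri)
    return rule[2] if rule else None
```

Because `/app/`, `/lib/` and the other directories use `^~`, a PHP file beneath them is denied even though a `\.php$` handler exists; with a plain prefix location the regex handler would be chosen instead.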