Showing results for 
Search instead for 
Did you mean: 

Nginx + .php extension handling

Nginx + .php extension handling



Starting from line 212 of the nginx.conf.sample file, there is an exclude block for all .php extensions that do not match earlier location matches:



# Banned locations (only reached if the earlier PHP entry point regexes don't match)
location ~* (\.php$|\.phtml$|\.htaccess$|\.git) {
    deny all;


We are migrating to Magento 2 and want to keep our historic url structure which has a .php extension.


Am I OK to remove .php filtering or do you recommend to harden security and instead we migrate(redirect) all urls away from .php urls and leave the above as is?


Thanks in advanced