Hello
Starting from line 212 of the nginx.conf.sample file, there is an exclude block for all .php extensions that do not match earlier location matches:
# Banned locations (only reached if the earlier PHP entry point regexes don't match)
location ~* (\.php$|\.phtml$|\.htaccess$|\.git) {
deny all;
}
https://github.com/magento/magento2/blob/2.3.4/nginx.conf.sample
We are migrating to Magento 2 and want to keep our historic url structure which has a .php extension.
Am I OK to remove .php filtering or do you recommend to harden security and instead we migrate(redirect) all urls away from .php urls and leave the above as is?
Thanks in advanced
