# NGINX
# FILE: /usr/local/etc/nginx/conf.d/security.conf


# Disable all methods besides HEAD, GET, and POST
if ($request_method !~ ^(GET|HEAD|POST)$) {
    return 444;
}

# Do not log attempts for common files
location ~ ^/(favicon.ico|robots.txt) {
    access_log off;
    log_not_found off;
}

# Deny access to hidden files
location /. {
    access_log off;
    log_not_found off;
    return 404;
}

# Deny obviously bad requests
location ~ \.(aspx|asp|jsp|cgi)$ {
    return 410;
}