Deny file web access on nginx

nimrodkerrett

I have an nginx/php-pfm app and there's an sqlite file that is currently accessible via web (not my idea. It's well known opensource code. Hard to config otherwise 🤦 ).
Is there a way (similar to how things are done with .htaccess files on apache) to deny web access to this specific file (or even better — a pattern/regex)?

peter

nimrodkerrett Custom Nginx configurations are not available on the managed Nginx/PHP-FPM stack.

The ways to work around this are:

Serve your app via a private Nginx+PHP stack and then configure the included nginx.conf however you need it. Instructions for this are at: HOWTO run a private PHP-FPM stack on Nginx or Apache on Opalstack
Switch your app to Apache so that you can use .htaccess rules to block public access to the sqlite file. (The support team can quickly switch the existing app from Nginx to Apache, if you want. Just request it by sending an email to support@opalstack.com).
Move the sqlite file out of the app's document root directory (e.g. put it somewhere in your home directory - in ~/ instead of ~/apps/your_app_name/) and configure your app to use the data file in the new location that is not accessible from the web.