If you have a web server running on Nginx and have a directory which accepts uploading files either from user OR cms. It is always good to have a bit of protection from the server side to deny executing scripts like PHP in that directory.

Its quite easy to do that. Just add the following line to the server block of the configuration file(nginx.conf or conf.d/default.conf etc). In the example below i want to deny script execution in contents directory, which will have sub directories etc.

location ^~ /contents/ { }