How do I block PHP's permission in Apache and Nginx directories

PHP script cannot be run in a specified directory under Apache

Add php_flag engine off directive to the virtual host configuration file. The configuration is as follows:

 Options FollowSymLinks
 AllowOverride None
 Order allow,deny
 Allow from all 
 php_flag engine off

The other method is set in htaccess. This method is more flexible for those webmasters who do not have the security operation permission of apapche:
The Apache environment rules are as follows: Apache executes the php script to restrict the addition of these rules to the.htaccess file
The code is as follows:

RewriteEngine on RewriteCond % !^$
RewriteRule uploads/(.*).(php)$  �  [F]
RewriteRule data/(.*).(php)$  �  [F]
RewriteRule templets/(.*).(php)$  � [F]

PHP script cannot be run in a specified directory under Nginx

Nginx is even simpler. You can directly disable the permission after location condition matching. You can add the following configuration to the server configuration section.

If it's a single directory:

location ~* ^/uploads/.*\.(php|php5)$
{
 deny all;
}

If multiple directories:

location ~* ^/(attachments|uploads)/.*\.(php|php5)$
{
 deny all;
}

Note: this configuration file 1 must be placed in front of the following configuration to take effect.

location ~ \.php$ {
fastcgi_pass  127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include    fastcgi_params;
}

Finally, a complete configuration example is given

location ~ /mm/(data|uploads|templets)/*.(php)$ {
 deny all;
}

location ~ .php$ {
 try_files $uri /404.html;
 fastcgi_pass  127.0.0.1:9000;
 fastcgi_index index.php;
 fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
 include    fastcgi_params;
}

Remember to restart Nginx to take effect after configuration.