Hello.
I am running Nginx with PHP-FPM. PHP-FPM has its own configuration external to Nginx, including a global `php.conf` and `www.conf`.
I am aware that the PHP-FPM configuration can be overridden / modified at a per-directory level under the Nginx root with a `php.ini` file. A recent server compromise involved these extra `php.ini` files to change the configuration against my preferences.
Ideally, I would like to configure a way for Nginx to essentially block access to these `php.ini` files so they are not passed internally to PHP-FPM for processing.
This may be a question for the PHP-FPM folks, you're my first port of call.
Thank you, and best wishes.