How To Allow Access to only Certain File Types

It is easy in lighttpd to deny access to a few types of files using mod_access:

url.access-deny = ( "~", ".inc")

But what if you want to allow access to only a few types of files, and deny access to all others? In the example below, we allow access to common static file types, and deny access to all other files:

$HTTP["url"] !~ "\.(jpg|gif|png|ico|js|css)$" {
  url.access-deny = ( "" )

This will cause all URLs that don't match the pattern to be denied. Note that all non-matching URLs will return 403 Forbidden, non-existent files will not return 404 Not Found.