Lighttpd

It is easy in lighttpd to deny access to a few types of files using mod_access:

{{{
url.access-deny = ( "~", ".inc")
}}}

But what if you want to allow access to only a few types of files, and deny access to all others? In the example below, we allow access to common static file types, and deny access to all other files:

{{{
$HTTP["url"] !~ "\.(jpg|gif|png|ico|js|css)$" {
url.access-deny = ( "" )
}
}}}

This will cause all URLs that don't match the pattern to be denied. Note that all non-matching URLs will return 403 Forbidden, non-existent files will not return 404 Not Found.