diff --git a/nginx.conf b/nginx.conf
index e168e4f..3ab799b 100644
--- a/nginx.conf
+++ b/nginx.conf
@@ -43,6 +43,12 @@ http {
         gzip on;
         gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
 
+        # Deny direct access to any files that might be mapped under a /data/ URI path
+        location /data/ {
+            deny all;
+            return 404; # Or 403 Forbidden
+        }
+
         location / {
             include /etc/nginx/nginx-auth.conf; # Apply Basic Auth to the whole site
             try_files $uri $uri/ /index.html;