diff --git a/templates/default.conf b/templates/default.conf
index 3e33104..ef0292c 100644
--- a/templates/default.conf
+++ b/templates/default.conf
@@ -89,6 +89,11 @@ server {
     }
 
     location ~ \.php$ {
+        # We prevent from executing all php scripts except for "index.php" and "update.php".
+        # When opening a non "index.php" file we return a 404 error served
+        # from the application (we pass through index.php).
+        try_files /index.php =404;
+        
         include fastcgi.conf;
         fastcgi_param SCRIPT_FILENAME $request_filename;
         fastcgi_pass php;