diff --git a/volumes/conf.d/registry.zinomedia.de.conf b/volumes/conf.d/registry.zinomedia.de.conf
index 64c58e3..0958309 100644
--- a/volumes/conf.d/registry.zinomedia.de.conf
+++ b/volumes/conf.d/registry.zinomedia.de.conf
@@ -23,17 +23,21 @@ server {
     ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
     ssl_prefer_server_ciphers on;
 
-    # disable any limits to avoid HTTP 413 for large image uploads
-    client_max_body_size 0;
-
     # required to avoid HTTP 411: see Issue #1486 (https://github.com/moby/moby/issues/1486)
     chunked_transfer_encoding on;
 
-    # Password protect
-    auth_basic "Protected Registry";
-    auth_basic_user_file /usr/share/nginx/html/registry.zinomedia.de/.htpasswd;
+    location / {
+        return 403;
+    }
 
     location /v2/ {
+        # disable any limits to avoid HTTP 413 for large image uploads
+        client_max_body_size 0;
+
+        # Password protect
+        auth_basic "Protected Registry";
+        auth_basic_user_file /usr/share/nginx/html/registry.zinomedia.de/.htpasswd;
+
         if ($request_method = OPTIONS) {
             add_header 'Access-Control-Allow-Origin' 'https://registryui.zinomedia.de';
             add_header 'Access-Control-Allow-Credentials' 'true';