Ingnoring any and all url parameters to harden security. How?

Anyone who puts an NGINX server online and looks at its access.log a week latter will find lots of URL exploits being attempted. Every day, any time.

So what if, I was to reject any and all url parameters. What if every query string was masked with an NGINX rewrite which would fail to match anything not defined as a rewrite naturally returning a 404 Not Found?

Or a series of rewrites in order placed inside this always present location block?

location / {
  rewrite "^/api/v1/users/?$" /api/v1/Users.php last;
  rewrite "^/api/v1/users/(all|active|inactive)?$" /api/v1/Users.php?status=$1 last;
  rewrite "^/api/v1/users/(\d+)/?$" /api/v1/Users.php?userId=$1 last;
}

# URL Match examples...

http://localhost/api/v1/users
http://localhost/api/v1/users/

http://localhost/api/v1/users/all
http://localhost/api/v1/users/active
http://localhost/api/v1/users/inactive

http://localhost/api/v1/users/2001
http://localhost/api/v1/users/2002
http://localhost/api/v1/users/2003

Is there a way to direct NGINX to ignore URL parameters? Feel free to let me know if this is a naive question. Perhaps I'm asking the wrong question.

Rather use return instead of rewrite because "rewrite directive can return only code 301 or 302". For this, create a location with a regular expression to catch the specific request uri.

And if you just want to drop all of these requests return a http status 444.

Example:

server {
    # ...
    location ~* ^/api/v1/users/.*$ {
        return  444;
    }
}