diff --git a/roles/nginx/templates/server.conf.j2 b/roles/nginx/templates/server.conf.j2
index 0272a27f8..37aeca372 100644
--- a/roles/nginx/templates/server.conf.j2
+++ b/roles/nginx/templates/server.conf.j2
@@ -20,9 +20,10 @@ server {
         include fastcgi_params;
     }
 
-    location /cgi-bin {
-        root /usr/lib;
-    }
+    # 2021-07-30: Security risk identified by @tim-moody
+    #location /cgi-bin {
+    #    root /usr/lib;
+    #}
 
     # if you don't like seeing all the errors for missing favicon.ico in root
     location = /favicon.ico { access_log off; log_not_found off; }