diff --git a/config/nginx/conf.d/xuqm.conf b/config/nginx/conf.d/xuqm.conf
index 65cf4cf..b9f835c 100644
--- a/config/nginx/conf.d/xuqm.conf
+++ b/config/nginx/conf.d/xuqm.conf
@@ -90,6 +90,12 @@ server {
     proxy_send_timeout 600s;
   }
 
+  # 私有化部署：精确拦截用户自注册（必须在通用 /api/ 之前）
+  location = /api/auth/register {
+    add_header Content-Type 'application/json; charset=utf-8' always;
+    return 403 '{"code":403,"status":"1","data":null,"message":"私有化部署已禁用用户自注册"}';
+  }
+
   # 核心 API（兜底，在所有具体 /api/xxx/ 之后）
   location /api/ {
     set $svc tenant-service;