How to block access to files without modifying .htaccess or ngnix config?

I'm trying to prevent access to readme.txt files on a WP site. Normally, this would be easy by just modifying the .htaccess file or the ngnix configuration.

However, the host runs ngnix, which ignores .htaccess files, and the host doesn't allow changes to ngnix configuration.

This seems to leave PHP as the only way to block access. But this doesn't seem to work either. I have the following as the first lines of wp-config.php:

?php
if (strpos($_SERVER['REQUEST_URI'], "readme.txt") !== false){
    header($_SERVER["SERVER_PROTOCOL"]." 404 Not Found", true, 404);
    include("404.shtml");
    exit;
}

When I go to an url of a readme.txt file that exists on the server, I still see the contents of the file and not the 404 I'm expecting.

I believe this happens because ngnix checks for the file's existence, finds it, and then directly serves it, bypassing PHP/WP.

Another, host-specific option is to block files using the a .yml file. However, that particular method does not allow wildcards, is only limited to 25 file names and would need to be updated whenever a new readme.txt file is added.

Is there any way to block access to all readme.txt files on a WP site without modifying .htaccess or ngnix configuration?