I am using CentOs 6.8
Using CloudFlare DNS in Development Mode
Nginx shows welcome page, its picking up from
/usr/share/nginx/html
But not from:
/home/nginx/domains/XYZDomain.com/public/
In Directory:
/etc/nginx/conf.d
2 Configurations Files:
default.conf
virtual.conf
default.conf file output
# Main Local
server {
listen 80;
server_name localhost;
root /usr/share/nginx/html;
index index.php index.html index.htm;
location / {
try_files $uri $uri/ =404;
}
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
#
location ~ .php$ {
include fastcgi_params;
#fastcgi_pass 127.0.0.1:9000;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
location ~ /. {
deny all;
access_log off;
log_not_found off;
}
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
}
virtual.conf file output:
server {
listen 80;
#server_name www.XYZDomain.com;
# Now Changed to below withouth wwww.
server_name XYZDomain.com;
rewrite ^/(.*) http://XYZDomain.com/$1 permanent;
location / {
root /home/nginx/domains/XYZDomain.com/public/;
index index.html;
}
}
nginx.conf file in /etc/nginx/nginx.conf output
user nginx;
worker_processes 1;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
#default_type application/octet-stream;
#changed to text/html
default_type text/html;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
include /etc/nginx/conf.d/*.conf;
}
All Directories with permissions.
ls -la /home/nginx/domains/XYZDomain.com
drwxr-s--- 6 root root 4096 Jul 1 12:54 .
drwxr-xr-x 3 root root 4096 Jul 2 14:44 ..
drwxr-s--- 2 root root 4096 Jun 30 15:58 backup
drwxr-s--- 2 root root 4096 Jun 30 15:58 log
drwxr-s--- 2 root root 4096 Jun 30 15:58 private
drwxr-sr-x 2 root root 4096 Jul 2 15:01 public
I have tried modifying default.php and virtual.conf file
Can Anyone can help me what’s wrong in this? I am really confused and have wasted a whole day on this.
3
Answers
Nginx 403 error: directory index of [folder] is forbidden
Changing User in
/etc/nginx/nginx.conf
fromnginx
toroot
helped...
is it harmful? or security risk? Now thats a question...
Thanks StackOverFlow & Thanks Community
Love
It looks like this is a permissions problem. Nginx is running as the
nginx
user, but the files are owned byroot
and do not have global read permissions, meaning thenginx
user cannot see them.First, do not run ngninx as root! This is very bad. If someone compromises your site, they could potentially have root access to the server.
There are several approaches to solving this. This easiest is to simply change the owner of the files to
nginx
:Of course, you will have to remember to do this for any new files you create
You can also change just the group for the file to
nginx
, and make them group readable:The second approach is a little more secure, because nginx does not have write permissions and can only read the files. However, this can cause other problems if you have scripts that need to dynamically create or edit files.
There is a lot more to get into regarding permissions and web servers, with lots of security implications, which is too much to get into here. You can find plenty of information on stackoverflow.com if you are curious.
One way was to change user to
root
but it’s harmful.
Second is to
Transfer all the domain files into
/var/www/html/XYZDomain.com/public
Instead of
/home/nginx/domains/XYZDomain.com/public/
and changed
virtual.conf
(in conf.d directory) file fromroot /home/nginx/domains/XYZDomain.com/public;
to
root /var/www/html/XYZDomain.com/public
Things to take care of is:
Check of extra useless Spaces
Copied code from the web can cause problems
Always run
nginx -T
to check for errorsAlways Restart Nginx before testing
service nginx restart
Running
tail -f /var/log/nginx/error.log
to check latest error logsMake sure your web directory has access permissions
Toggle SELinux, It can cause issues.