Nginx 403 Forbidden Solution (permission files and files do not exist, SElinux Open) __linux

Nginx configured Well, there are two main reasons for 403 Forbidden: 1, Nginx does not have access to the directory; 2, the Nginx directory does not have a default document and does not have permissions to list directories.

Started the Nginx, visited the Web site, and then appeared

403 Forbidden 1, permission issues

This is the issue of permissions, to ensure that Nginx has permissions on the configured directory.
First, let's take a look at the configuration directory where {nginx} indicates your Nginx installation path:

VI {nginx}/conf/nginx.conf

1 1

And then find this paragraph:

server {
        listen       ;
        server_name  localhost;

        #charset Koi8-r;

        #access_log  logs/host.access.log  main;

        Location/{
            root   /home/xxx/website/nginxweb;
            Index  index.html index.htm;
        }
     }

1 2 3 4 5 6 7 8 9 10 11 12 13 14 1 2 3 4 5 6 7 8 9 10 11 12 13-14

The/home/xxx/website/nginxweb in the Root/home/xxx/website/nginxweb is your directory, and index is your default document.

Let's take a look at this directory, and I will not say what you are authorized to do.

And then we'll see what our nginx is right:

Nobody   31222 31159  0 22:52?        00:00:00 Nginx:worker Process

1 1

Can see is nobody user run, so, we want to modify into, have the permission of the user, or modify the directory permissions, I said modify Nginx run user.

Add a sentence before {nginx}/conf/nginx.conf:

User xxx;

1 1

On it, where xxx is the user running Nginx. 2, there is no directory

Complete the above, access also errors, most likely, there is no file in your directory, and then did not list the permissions of the directory.
Check your/home/xxx/website/nginxweb folder for the configuration of the default file, the default file in the nginx.conf inside the index, has been described above.

Workaround, create a index.html file in your/home/xxx/website/nginxweb folder.

3.SElinux Open

SELinux is a security subsystem

It can control the program to access only specific files

First, view the SELinux status command:

1,/usr/sbin/sestatus-v # #如果SELinux Status parameter is enabled that is open
SELinux status:enabled

2, Getenforce # #也可以用这个命令检查

second, close the SELinux method:

1, temporarily shut down (do not restart the machine):

The code is as follows:
Setenforce 0 #设置SELinux become permissive mode
#setenforce 1 set SELinux become enforcing mode

2, modify the configuration file needs to reboot the machine:

modifying/etc/selinux/config files

Change Selinux=enforcing to Selinux=disabled

Reboot the machine.