Nginx 403 Forbidden Solution (permission files and files do not exist, SElinux Open) __linux

Source: Internet
Author: User

Nginx configured Well, there are two main reasons for 403 Forbidden: 1, Nginx does not have access to the directory; 2, the Nginx directory does not have a default document and does not have permissions to list directories.

Started the Nginx, visited the Web site, and then appeared

403 Forbidden 1, permission issues

This is the issue of permissions, to ensure that Nginx has permissions on the configured directory.
First, let's take a look at the configuration directory where {nginx} indicates your Nginx installation path:

VI {nginx}/conf/nginx.conf
1 1

And then find this paragraph:

server {
        listen       ;
        server_name  localhost;

        #charset Koi8-r;

        #access_log  logs/host.access.log  main;

        Location/{
            root   /home/xxx/website/nginxweb;
            Index  index.html index.htm;
        }
     }
1 2 3 4 5 6 7 8 9 10 11 12 13 14 1 2 3 4 5 6 7 8 9 10 11 12 13-14

The/home/xxx/website/nginxweb in the Root/home/xxx/website/nginxweb is your directory, and index is your default document.

Let's take a look at this directory, and I will not say what you are authorized to do.

And then we'll see what our nginx is right:

Nobody   31222 31159  0 22:52?        00:00:00 Nginx:worker Process
1 1

Can see is nobody user run, so, we want to modify into, have the permission of the user, or modify the directory permissions, I said modify Nginx run user.

Add a sentence before {nginx}/conf/nginx.conf:

User xxx;
1 1

On it, where xxx is the user running Nginx. 2, there is no directory

Complete the above, access also errors, most likely, there is no file in your directory, and then did not list the permissions of the directory.
Check your/home/xxx/website/nginxweb folder for the configuration of the default file, the default file in the nginx.conf inside the index, has been described above.

Workaround, create a index.html file in your/home/xxx/website/nginxweb folder.


3.SElinux Open

SELinux is a security subsystem

It can control the program to access only specific files

First, view the SELinux status command:

1,/usr/sbin/sestatus-v # #如果SELinux Status parameter is enabled that is open
SELinux status:enabled

2, Getenforce # #也可以用这个命令检查

second, close the SELinux method:

1, temporarily shut down (do not restart the machine):

The code is as follows:
Setenforce 0 #设置SELinux become permissive mode
#setenforce 1 set SELinux become enforcing mode

2, modify the configuration file needs to reboot the machine:

modifying/etc/selinux/config files

Change Selinux=enforcing to Selinux=disabled

Reboot the machine.



Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.