Laravel + NGINX禁止使用403 [英] Laravel + NGINX giving 403 forbidden

问题描述

我真的很棘手，第一次在Web(EC2)上加载Laravel应用.

I am really stuck loading a Laravel app for the first time on the web (EC2).

我有一个运行最新的laravel 5.6的Ubuntu 18.04实例.我已经被困了几个小时，试图解决403问题.我已经关注:

I have an instance of Ubuntu 18.04 running latest laravel 5.6. I have been stuck for hours trying to resolve a 403 issue. I have followed:

这些步骤(创建新组，向其中添加ubuntu和www-data，将组和所有者设置为读取，写入和执行)

These steps (create new group, add ubuntu and www-data to it, set group and owner to read, write and execute)

这些步骤设置文件夹权限

...许多其他尝试/服务器重建...

... many other attempts / server rebuilds...

所以现在我将root中的所有文件和文件夹都设置为777进行测试

So just now I set all files and folders in root to 777 to test

$ find /home/ubuntu/projectname -type f -exec chmod 777 {} \;
$ find /home/ubuntu/projectname -type d -exec chmod 777 {} \;

在下面的建议下，我也这样做了:

And on suggestion below I also did this:

$ namei -l /home/ubuntu/projectname/public
f: /home/ubuntu/projectname/public
drwxr-xr-x root     root     /
drwxr-xr-x root     root     home
drwxr-xr-x ubuntu   ubuntu   ubuntu
drwxrwxrwx www-data www-data projectname
drwxrwxrwx www-data www-data public

$ sudo chmod -R 777 /home/ubuntu/projectname

$ ls -l
drwxrwxrwx   8 www-data www-data   4096 Aug 16 10:25 app
-rwxrwxrwx   1 www-data www-data   1686 Aug 16 10:25 artisan
drwxrwxrwx   3 www-data www-data   4096 Aug 16 10:25 bootstrap
-rwxrwxrwx   1 www-data www-data   1652 Aug 16 10:25 composer.json
-rwxrwxrwx   1 www-data www-data 166078 Aug 16 10:25 composer.lock
drwxrwxrwx   2 www-data www-data   4096 Aug 16 10:25 config
drwxrwxrwx   5 www-data www-data   4096 Aug 16 10:25 database
drwxrwxrwx 999 www-data www-data  36864 Aug 16 10:46 node_modules
-rwxrwxrwx   1 www-data www-data   1442 Aug 16 10:25 package.json
-rwxrwxrwx   1 www-data www-data 604905 Aug 16 10:45 package-lock.json
-rwxrwxrwx   1 www-data www-data   1134 Aug 16 10:25 phpunit.xml
drwxrwxrwx   6 www-data www-data   4096 Aug 16 10:46 public
-rwxrwxrwx   1 www-data www-data   3675 Aug 16 10:25 readme.md
drwxrwxrwx   6 www-data www-data   4096 Aug 16 10:25 resources
drwxrwxrwx   2 www-data www-data   4096 Aug 16 10:25 routes
-rwxrwxrwx   1 www-data www-data    563 Aug 16 10:25 server.php
drwxrwxrwx   6 www-data www-data   4096 Aug 16 10:25 storage
drwxrwxrwx   4 www-data www-data   4096 Aug 16 10:25 tests
drwxrwxrwx  45 www-data www-data   4096 Aug 16 10:45 vendor
-rwxrwxrwx   1 www-data www-data   1738 Aug 16 10:25 webpack.mix.js

最后一个让我感到困惑，因为结果与我的nginx项目错误日志(tail -f)相同:

This last one has me stumped as the result is the same in my nginx project error log (tail -f):

2018/08/16 13:44:25 [error] 27246#27246: *1 directory index of "/home/ubuntu/projectname/public/" is forbidden, client: 29.99.0.232, server: projectname.com.au, request: "GET / HTTP/1.1", host: "projectname.com.au"

我不知道接下来要尝试什么. 任何帮助都会使您进入我的圣诞贺卡清单！

I do not know what to try next. Any help will get you on my Christmas card list!

我的项目被克隆到:

/home/ubuntu/projectname

我的nginx配置(取自 Laravel的部署"页面)是:

My nginx config (taken from Laravel's Deploy page) is:

server {
    listen 80;

    server_name projectname.com.au www.projectname.com.au;
    root /home/ubuntu/projectname/public;

    add_header X-Frame-Options "SAMEORIGIN";
    add_header X-XSS-Protection "1; mode=block";
    add_header X-Content-Type-Options "nosniff";

    index index.html index.htm index.php;

    charset utf-8;

    location / {
        try_files $uri $uri/ /index.php?$query_string;
    }

    location = /favicon.ico { access_log off; log_not_found off; }
    location = /robots.txt  { access_log off; log_not_found off; }

    error_page 404 /index.php;

    access_log  /var/log/nginx/projectname.access.log;
    error_log  /var/log/nginx/projectname.error.log error;

    location ~ \.php$ {
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
        fastcgi_index index.php;
        include fastcgi_params;
    }

    location ~ /\.(?!well-known).* {
        deny all;
    }

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/projectname.com.au/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/projectname.com.au/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot


}

server {
    if ($host = www.projectname.com.au) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    if ($host = projectname.com.au) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


        listen 80;
        server_name projectname.com.au www.projectname.com.au;
    return 404; # managed by Certbot
}

推荐答案

尝试在Nginx配置中更改此行:

Try changing this line in the Nginx config:

location / {
    try_files $uri $uri/ /index.php?$query_string;
}

对此:

location / {
   try_files $uri /index.php?$query_string;
}

据我所见，这是由于nginx会尝试索引目录并被自身阻止而引起的.

From what I can see, this is caused because nginx will try to index the directory, and be blocked by itself.

来源答案: Nginx 403错误:[文件夹]

这篇关于Laravel + NGINX禁止使用403的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！