禁止使用403-Nginx-使用正确的凭据 [英] 403 forbidden - Nginx - using correct credentials

问题描述

我试图用密码保护我的Nginx网站上的目录，该目录包含phpMyAdmin，MemcacheMyAdmin和更多管理实用程序.

I am trying to password protect a directory on my Nginx powered site that contains things like phpMyAdmin, MemcacheMyAdmin, and more admin utilities.

此目录位于我网站的根目录中:

This directory is placed in the root of my site at:

domain.com/control/

服务器上的绝对路径为:

The absolute path on my server is at:

/home/deployer/sites/domain.com/control/

我使用以下命令在目录中创建了一个.htpasswd文件:

I created a .htpasswd file in the directory by using this command:

htpasswd -c /home/deployer/sites/domain.com/control/.htpasswd admin

该文件存在，由"root"用户拥有，并且具有0644权限.

The file is present, owned by "root" user and is 0644 permissions.

在Nginx中此域的.conf文件中，我使用以下位置块进行身份验证.

In the .conf file for this domain within Nginx I use the following location block to require authentication.

  location /control {
    auth_basic            "Restricted Area: Control";
    auth_basic_user_file  /home/deployer/sites/domain.com/control/.htpasswd;
  }

当进入受密码保护的目录时，系统会提示我输入用户名和密码.输入先前创建的凭据，然后看到错误403禁止页面.

When going to the password protected directory I'm prompted for a username and password. I enter my previously created credentials and I'm then presented with an error 403 forbidden page.

访问日志向我显示，我在登录提示时出现，然后以管理员"用户身份登录:

Access logs show me that I'm hitting the login prompt and then logging in as the "admin" user:

64.123.456.225 - - [12/May/2013:17:30:48 +0000] "GET /control HTTP/1.1" 401 597 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.64 Safari/537.31"
64.123.456.225 - admin [12/May/2013:17:30:48 +0000] "GET /control HTTP/1.1" 301 185 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.64 Safari/537.31"
64.123.456.225 - admin [12/May/2013:17:30:59 +0000] "GET /control/memcache/ HTTP/1.1" 403 199 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.64 Safari/537.31"

错误日志显示以下内容:

The error logs show the following:

2013/05/12 17:31:01 [error] 30462#0: *1 directory index of "/home/deployer/sites/domain.com/control/memcache/" is forbidden, client: 64.123.456.225, server: domain.com, request: "GET /control/memcache/ HTTP/1.1", host: "domain.com"
2013/05/12 17:31:09 [error] 30462#0: *1 directory index of "/home/deployer/sites/domain.com/control/memcache/" is forbidden, client: 64.123.456.225, server: domain.com, request: "GET /control/memcache/ HTTP/1.1", host: "domain.com"

如果我删除了该站点的Nginx .conf的Auth块，则可以像往常一样访问该页面.

If I remove the Auth block for the Nginx .conf for that site I can then access the page like normal.

感谢您的帮助！

推荐答案

这可能是由于权限或目录索引指令不存在或无效引起的.

This can be caused by permissions or a non-existent or invalid directory index directive.

权限: 如果www由nginx拥有，但/var由root拥有，则www将继承var的权限，从而拒绝访问.

Permissions: If www is owned by nginx but /var is owned by root, then www will inherit the permissions of var, thus denying access.

索引指令: 如果目录索引设置为不可用的文件，则nginx将抛出403.在这种情况下，我猜它默认为index.htm而不是index.php.

Index Directive: If the directory index is set to an unavailable file, then nginx will throw a 403. In this case, I'm guessing it's defaulting to index.htm instead of index.php.

最幸运！

这篇关于禁止使用403-Nginx-使用正确的凭据的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！