Nginx 403禁止所有文件 [英] Nginx 403 forbidden for all files
问题描述
我在CentOS 5盒子上安装了nginx和PHP-FPM,但是很难为它提供任何文件 - 无论是否为PHP。
Nginx以www-data:www-data运行,默认的欢迎使用nginx on EPEL站点(由root:root拥有644权限)加载。
nginx配置文件对 / etc / nginx / sites-enabled / *。conf,有一个include指令,我有一个配置文件 example.com.conf :
server {
listen 80;
虚拟主机名
server_name www.example.com example.com;
location / {
root /home/demo/sites/example.com/public_html;
index index.php index.htm index.html;
}
location〜\.php $ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param PATH_INFO $ fastcgi_script_name;
fastcgi_param SCRIPT_FILENAME /home/demo/sites/example.com/public_html$fastcgi_script_name;
include fastcgi_params;
}
}
尽管public_html由www-data拥有:www-数据具有2777文件权限,此站点无法提供任何内容 -
[error] 4167#0:* 4 open /home/demo/sites/example.com/public_html/index.html失败(13:权限被拒绝),客户端:XX.XXX.XXX.XX,服务器:www.example.com,请求:GET / index .html HTTP / 1.1,host:www.example.com
其他帖子,用户从nginx获得403s,但我看到的大多数涉及到更复杂的设置与Ruby / Passenger(在过去我实际上已成功)或只是接收错误时,上游PHP-FPM涉及,
/ div>
经常被忽略的一个权限要求是用户在文件的每个父目录中需要x权限来访问该文件。检查/,/ home,/ home / demo等对www-data x访问的权限。我的猜测是/ home可能是770和www-data不能chdir通过它到任何subdir。如果是,请尝试chmod o + x / home(或任何dir拒绝请求)。
编辑:为了方便地显示路径上的所有权限,使用 namei -om / path / to / check
I have nginx installed with PHP-FPM on a CentOS 5 box, but am struggling to get it to serve any of my files - whether PHP or not.
Nginx is running as www-data:www-data, and the default "Welcome to nginx on EPEL" site (owned by root:root with 644 permissions) loads fine.
The nginx configuration file has an include directive for /etc/nginx/sites-enabled/*.conf, and I have a configuration file example.com.conf, thus:
server {
listen 80;
Virtual Host Name
server_name www.example.com example.com;
location / {
root /home/demo/sites/example.com/public_html;
index index.php index.htm index.html;
}
location ~ \.php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param PATH_INFO $fastcgi_script_name;
fastcgi_param SCRIPT_FILENAME /home/demo/sites/example.com/public_html$fastcgi_script_name;
include fastcgi_params;
}
}
Despite public_html being owned by www-data:www-data with 2777 file permissions, this site fails to serve any content -
[error] 4167#0: *4 open() "/home/demo/sites/example.com/public_html/index.html" failed (13: Permission denied), client: XX.XXX.XXX.XX, server: www.example.com, request: "GET /index.html HTTP/1.1", host: "www.example.com"
I've found numerous other posts with users getting 403s from nginx, but most that I have seen involve either more complex setups with Ruby/Passenger (which in the past I've actually succeeded with) or are only receiving errors when the upstream PHP-FPM is involved, so they seem to be of little help.
Have I done something silly here?
One permission requirement that is often overlooked is a user needs x permissions in every parent directory of a file to access that file. Check the permissions on /, /home, /home/demo, etc. for www-data x access. My guess is that /home is probably 770 and www-data can't chdir through it to get to any subdir. If it is, try chmod o+x /home (or whatever dir is denying the request).
EDIT: To easily display all the permissions on a path, you can use namei -om /path/to/check
这篇关于Nginx 403禁止所有文件的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
