Php with Nginx - 403 Forbidden

Question

I want to run project yii2(advanced template) with nginx. I use virtualbox with vagrant(ubuntu 16.04, php 5.6).

I have following settings in my Nginx file:

vhost1.conf
server {
   listen                *:80;
 
   server_name  frontend.test;
   client_max_body_size 128m;
 
   root /var/www/frontend/web/;
     index index.php;
 
   access_log            /var/log/nginx/vhost1.access.log;
   error_log             /var/log/nginx/vhost1.error.log;
   location / {
     try_files $uri $uri/ /index.php$is_args$args;
   }
 
   location ~ ^/assets/.*\.php$ {
       deny all;
   }
 
   location ~ \.php$ {
     include fastcgi_params;
     fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
     fastcgi_pass 127.0.0.1:9000;
     #fastcgi_pass unix:/var/run/php5-fpm.sock;
     try_files $uri =404;
   }
 
   location ~* /\. {
     deny all;
   }
 }

I have following structure project with permission:

vagrant@machine1]-[/var/www]-[git master] 
$ ls -la frontend/
total 68
drwxrwxr-x 1 vagrant vagrant 4096 Jul  5 14:27 ./
drwxrwxr-x 1 vagrant vagrant 4096 Jul  9 16:14 ../
drwxrwxr-x 1 vagrant vagrant 4096 Jul  5 14:27 assets/
drwxrwxr-x 1 vagrant vagrant 4096 Jul  5 14:27 bootstrap/
drwxrwxr-x 1 vagrant vagrant 4096 Jul  5 14:27 components/
drwxrwxr-x 1 vagrant vagrant 4096 Jul  5 14:27 config/
drwxrwxr-x 1 vagrant vagrant 4096 Jul  5 14:27 controllers/
drwxrwxr-x 1 vagrant vagrant 4096 Jul  5 14:27 data/
drwxrwxr-x 1 vagrant vagrant 4096 Jul  5 14:27 helpers/
drwxrwxr-x 1 vagrant vagrant 4096 Jul  5 14:27 messages/
drwxrwxr-x 1 vagrant vagrant 4096 Jul  5 14:27 models/
drwxrwxr-x 1 vagrant vagrant 4096 Jul  5 14:27 modules/
drwxrwxr-x 1 vagrant vagrant 4096 Jul  5 14:27 runtime/
drwxrwxr-x 1 vagrant vagrant 4096 Jul  5 14:27 validators/
drwxrwxr-x 1 vagrant vagrant 4096 Jul  5 14:27 views/
drwxrwxr-x 1 vagrant vagrant 4096 Jul  5 14:27 web/
drwxrwxr-x 1 vagrant vagrant 4096 Jul  5 14:27 widgets/

nginx error logs output:

2018/07/09 21:42:36 [error] 23865#23865: *1 directory index of "/var/www/frontend/web/" is forbidden, client: 192.168.56.1, server: b2bfrontend.test, request: "GET / HTTP/1.1", host: "b2bfrontend.test"

If I run b2bfrontend.test I get an error - 403 Forbidden

Answer 1

I uncommented this line and now it works:

fastcgi_pass unix:/var/run/php5-fpm.sock;

In my case I have Debian 9 so this I changed it a bit:

fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;

My complete code is:

location ~ \.(php|twig)$   {
            try_files $uri =404;
    include       fastcgi_params;

    fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
    fastcgi_param DOCUMENT_ROOT $realpath_root;

    fastcgi_index index.php;
    fastcgi_split_path_info ^(.+\.php)(/.+)$;

    fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
}

Answer 2

Just fix location from:

location / {
  try_files $uri $uri/ /index.php$is_args$args;
}

to:

location / {
  try_files $uri /index.php$is_args$args;
}

reason: it tries to go $uri/ which is /var/www/frontend/web/ (since it exists) and to do directory indexing which seems like not allowed.

message already says it:

directory index of "/var/www/frontend/web/" is forbidden

Answer 3

Your nginx server is most probably running either under user nginx or www-data while your files have vagrant:vagran ownership. Check what's the user under which nginx is running and change the ownership of your files accordingly. Also, if you use php-fpm for php, check your php-fpm configuration and see what user is defined there as well.