Nginx Showing Welcome Page/403 Error instead of homepage

Question

I am using CentOs 6.8

Using CloudFlare DNS in Development Mode

Nginx shows welcome page, its picking up from

/usr/share/nginx/html

But not from:

/home/nginx/domains/XYZDomain.com/public/

In Directory:

/etc/nginx/conf.d

2 Configurations Files:

default.conf
virtual.conf

default.conf file output

# Main Local

server {
        listen 80;
        server_name localhost;
        root   /usr/share/nginx/html;
        index index.php index.html index.htm;


        location / {
                try_files $uri $uri/ =404;
        }

        error_page 404 /404.html;
        error_page 500 502 503 504 /50x.html;
        location = /50x.html {
                root /usr/share/nginx/html;
        }

        #
        location ~ \.php$ {
                include fastcgi_params;
                #fastcgi_pass 127.0.0.1:9000;
                fastcgi_pass unix:/var/run/php5-fpm.sock;
                fastcgi_index index.php;
                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;

        }

        location ~ /\. {
                deny all;
                access_log off;
                log_not_found off;
        }
        location = /favicon.ico {
                log_not_found off;
                access_log off;
        }
        location = /robots.txt {
                allow all;
                log_not_found off;
                access_log off;
        }

}

virtual.conf file output:

server {

            listen   80;
            #server_name  www.XYZDomain.com;
            # Now Changed to below withouth wwww.
            server_name  XYZDomain.com;
            rewrite ^/(.*) http://XYZDomain.com/$1 permanent;

            location / {

                        root   /home/nginx/domains/XYZDomain.com/public/;
                        index  index.html;

                        }

}

nginx.conf file in /etc/nginx/nginx.conf output

user  nginx;
worker_processes  1;

error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;


events {
    worker_connections  1024;
}


http {
    include       /etc/nginx/mime.types;
    #default_type  application/octet-stream;
    #changed to text/html
    default_type text/html;
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    keepalive_timeout  65;

    #gzip  on;

    include /etc/nginx/conf.d/*.conf;
}

All Directories with permissions.

ls -la /home/nginx/domains/XYZDomain.com

drwxr-s--- 6 root root 4096 Jul  1 12:54 .
drwxr-xr-x 3 root root 4096 Jul  2 14:44 ..
drwxr-s--- 2 root root 4096 Jun 30 15:58 backup
drwxr-s--- 2 root root 4096 Jun 30 15:58 log
drwxr-s--- 2 root root 4096 Jun 30 15:58 private
drwxr-sr-x 2 root root 4096 Jul  2 15:01 public

I have tried modifying default.php and virtual.conf file

Can Anyone can help me what's wrong in this? I am really confused and have wasted a whole day on this.

Answer 1

One way was to change user to root but it's harmful.

Second is to Transfer all the domain files into

/var/www/html/XYZDomain.com/public Instead of /home/nginx/domains/XYZDomain.com/public/

and changed virtual.conf(in conf.d directory) file from root /home/nginx/domains/XYZDomain.com/public; to root /var/www/html/XYZDomain.com/public

Things to take care of is:

1. Check of extra useless Spaces

2. Copied code from the web can cause problems

3. Always run nginx -T to check for errors

4. Always Restart Nginx before testing service nginx restart

5. Running tail -f /var/log/nginx/error.log to check latest error logs

6. Make sure your web directory has access permissions

7. Toggle SELinux, It can cause issues.

Answer 2

It looks like this is a permissions problem. Nginx is running as the nginx user, but the files are owned by root and do not have global read permissions, meaning the nginx user cannot see them.

First, do not run ngninx as root! This is very bad. If someone compromises your site, they could potentially have root access to the server.

There are several approaches to solving this. This easiest is to simply change the owner of the files to nginx:

chown -R nginx:nginx /home/nginx/domains/XYZDomain.com

Of course, you will have to remember to do this for any new files you create

You can also change just the group for the file to nginx, and make them group readable:

chgrp -R nginx /home/nginx/domains/XYZDomain.com
chmod -R g+r /home/nginx/domains/XYZDomain.com

The second approach is a little more secure, because nginx does not have write permissions and can only read the files. However, this can cause other problems if you have scripts that need to dynamically create or edit files.

There is a lot more to get into regarding permissions and web servers, with lots of security implications, which is too much to get into here. You can find plenty of information on stackoverflow.com if you are curious.

Answer 3

Nginx 403 error: directory index of [folder] is forbidden

Changing User in /etc/nginx/nginx.conf from nginx to root

helped...

is it harmful? or security risk? Now thats a question...

Thanks StackOverFlow & Thanks Community

Love