Nginx showing 403 forbidden

Question

I have hosted react app on nginx, when i try to access any file with extension (e.g favicon.ico), nginx throws 403 forbidden error although it works fine for basic app routing i.e, for files without extension. I'm pasting nginx config below, and the static files that i'm trying to access is in the /var/www/deebaco.com/html. Do i need to write another location block to serve files with extensions?

server {
    listen 80;
    server_name deebaco.com www.deebaco.com;
    return 301 https://www.deebaco.com$request_uri;
}
server {
    listen 443 ssl;
    server_name deebaco.com;

    ssl_certificate /root/deebaco.com.chained.crt;
    ssl_certificate_key /root/deebaco.com.key;
    return 301 https://www.deebaco.com$request_uri;
}

server {
    listen 443 ssl http2;

   add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;

    server_name www.deebaco.com;
    root /var/www/deebaco.com/html;

    ssl_certificate /root/deebaco.com.chained.crt;
    ssl_certificate_key /root/deebaco.com.key;

    #location / {
    #try_files $uri $uri/ /index.html?$args;
    #}

    location / {
    try_files $uri /index.html;
    autoindex on;
    autoindex_exact_size off;
    }

}

Which user is nginx using, which OS user is the owner of directory `/var/ww/deebaco.com/html`? what are the permissions on that directory? — Mehdi, Mar 26 '20 at 14:43
Does this answer your question? [Nginx serve static file and got 403 forbidden](https://stackoverflow.com/questions/16808813/nginx-serve-static-file-and-got-403-forbidden) — Mehdi, Mar 26 '20 at 14:44
@Mehdi I don't remember setting any permission and adding different user in config, i'm relatively new to this, all i have done is created a separate file for the domain i.e, deebaco.com, and above code snippet is the config for the domain. It's running on ubuntu 18.04 OS — Sumair, Mar 26 '20 at 15:57
@Mehdi Since i haven't added any user and permissions, i'm guessing the only user is default www-data user. — Sumair, Mar 26 '20 at 16:08
@Mehdi Thanks for pointing me in the right direction, i changed the user to root in nginx config file and that seemed to do the trick for me. Any other suggestions would be highly appreciated, thank you. — Sumair, Mar 26 '20 at 16:22
Please do not run nginx as root, this is unsafe from a security perspective. — Mehdi, Mar 26 '20 at 16:23

score 9 · Accepted Answer · answered Mar 26 '20 at 16:22

Check the owner of the public directory, for example using this command:

ls -l /var/www/deebaco.com/html

nginx often runs as nobody, Instead, it should run with the same user as the owner.

Edit /etc/nginx/nginx.conf to set the same user. For example, if the directory is owned by www-data, add the following:

user  www-data;

After saving the config, validate that it is correct:

sudo nginx -t

If the command above confirms that the syntax is ok, reload nginx configuration:

sudo systemctl reload nginx.service

This should solve the problem.

Thank you so much, just exactly what i needed. – Sumair Mar 26 '20 at 16:25 — Sumair, Mar 26 '20 at 16:25

Nginx showing 403 forbidden

1 Answers1