17

I have setup nginx 0.7.67 on Ubuntu10.10 along with php-cli . I'm trying to get my front-controller based PHP framework to run, but all pages except index.php give a 403 error.

Ex :

  1. http://mysite.com/styles/style.css - 403 Forbidden
  2. http://mysite.com/scripts/script.css - 403 Forbidden
  3. http://mysite.com/index.php - Works

My /etc/nginx/sites-enabled/default is as follows 

server {
    listen          80;
    server_name     mysite.com;

    access_log      /var/log/nginx/access.log;
    error_log       /var/log/nginx/error.log warn;

    index           index.php index.html;
    root        /full/path/to/public_html;

    location ~* \.(js|css|png|jpg|jpeg|gif|ico|html)$ {
            expires max;
    }


    location ~ index.php {
            include     /etc/nginx/fastcgi_params;
            keepalive_timeout 0;
            fastcgi_param   SCRIPT_FILENAME  $document_root$fastcgi_script_name;
            fastcgi_pass    127.0.0.1:9000;
    }

}

Any suggestions on how to fix the above?

PS: This is the entry from the error log

2010/10/14 19:56:15 [error] 3284#0: *1 open() "/full/path/to/public_html/styles/style.css" 
failed (13: Permission denied), client: 127.0.0.2, server: quickstart.local, 
request: "GET /styles/style.css HTTP/1.1", host: "mysite"
Adil
  • 2,092
  • 3
  • 25
  • 35
  • 2
    Dammit. It was Linux permission issue. One of the top-level directories did not have a "r" permission for others. Issue is resolved. – Adil Oct 17 '10 at 11:03
  • Agreed. I simply changed the permissions to 755 for all the files and made www-data the owner of the folder and everything started working. – Jeff C Aug 10 '20 at 17:35

6 Answers6

29

Had the same problem. Fixed it by simply setting the right permissions on my CSS and JS files and folders. Be careful about setting permissions! But for a file to be readable on the web, it has to be readable by the user running the server process. 

chmod -R +rx css
chmod -R +rx js

Gives read and execute permissions. The -R is for recursive. Only do this for files you want readable by the world!

Michael Butler
  • 6,079
  • 3
  • 38
  • 46
7

Alt solution: change the run user by editing the nginx.conf (e.g., /usr/local/nginx/conf/nginx.conf) to the owner of those files:

user myuser mygroup;
Avindra Goolcharan
  • 4,032
  • 3
  • 41
  • 39
4

Try this in your location line:

location ~* ^.+\.(js|css|png|jpg|jpeg|gif|ico|html)$ {

or

location ~* ^.+.(js|css|png|jpg|jpeg|gif|ico|html)$ {
Vantomex
  • 2,247
  • 5
  • 20
  • 22
  • error log says 2010/10/14 19:56:15 [error] 3284#0: *1 open() "/home/adil/NetBeansProjects-old/CrowdSourcedWeb/applications/csw/web/styles/style.css" failed (13: Permission denied), client: 127.0.0.2, server: quickstart.local, request: "GET /styles/style.css HTTP/1.1", host: "quickstart.local" – Adil Oct 14 '10 at 15:57
  • I had this problem whenever a js or css file had a extra dot in the filename, ie: bootstrap.min.css as opposed to bootstrap.css. Added the top option to my nginx configuration and problem solved – OffTheBricks May 01 '20 at 21:09
-1

Make sure that every top level directory has permission levels AND the index.html. Most of the times you will just copy the file you want to see in /www and rename it index.html make sure the new index.html has the right permissions (to be sure 777 just for testing ofcourse).

Teo
  • 1
  • 3
    777 "just to be sure" is a terrible idea. "I have my keys, but I should leave my front door unlocked just to make sure I can get back in." – Dan Sep 27 '12 at 04:28
-1

i need to write alterative solution to this problem. I migrate wordpress into plesk server and I get this error with css and js scripts. Nginx configuration produce a bug getting js and css files. If a wordpress error loading CSS and JS scripts (forbidden), it may be due to the configuration of nginx and apache.

UNLOCK the box of configuration nginx and apache:

Intelligent processing of static files -> DONT CHECKED

This solves my problem. I hope others too pymessoft.com

vik
  • 1
-2
    server {
        listen          80;
        server_name     mysite.com;

        access_log      /var/log/nginx/access.log;
        error_log       /var/log/nginx/error.log warn;

        index           index.php index.html;
        root        /full/path/to/public_html;

} <--- you forgot this one

        location ~* \.(js|css|png|jpg|jpeg|gif|ico|html)$ {
                expires max;
        }


        location ~ index.php {
                include     /etc/nginx/fastcgi_params;
                keepalive_timeout 0;
                fastcgi_param   SCRIPT_FILENAME  $document_root$fastcgi_script_name;
                fastcgi_pass    127.0.0.1:9000;
        }

    }

you have to close server{} before defining the location.

or change the owner of the files to www-data or apache if you don't have access to the files.

Maarten
  • 88
  • 1
  • 3
  • 1
    The location tag must be inside the server tag. – Adil Oct 16 '10 at 17:18
  • that's strange, in my situation it works with closing server{} before defining a location. But i'm glad you found the solution! – Maarten Oct 18 '10 at 19:26
  • Maarten. Just to explain my comment above, the reason i said that is because nginx complains. Its "illegal" to keep the location tag outside the server tag. Maybe you should look into your conf again, to see precisely why it does that. Good to know. And, thanks for helping. – Adil Oct 20 '10 at 11:58
  • location tag should be in server tag – Shankar Kamble Dec 11 '13 at 14:36