Linux
nginx - 403 禁止
我很難讓別名在 nginx 上正常工作。當我嘗試訪問別名**/pma和/mba**(請參閱secure.example.com.conf)時,我得到一個403 Forbidden但基本 url 工作正常。
我閱讀了很多文章,但沒有任何幫助,所以我在這裡。
Nginx和php-fpm作為 www-data:www-data 執行,並且目錄的權限設置為:
drwxrwsr-x+ 5 www-data www-data 4.0K Dec 5 22:48 ./ drwxr-xr-x. 3 root root 4.0K Dec 4 22:50 ../ drwxrwsr-x+ 2 www-data www-data 4.0K Dec 5 13:10 mda.example.com/ drwxrwsr-x+ 11 www-data www-data 4.0K Dec 5 10:34 pma.example.com/ drwxrwsr-x+ 3 www-data www-data 4.0K Dec 5 11:49 www.example.com/ lrwxrwxrwx. 1 www-data www-data 18 Dec 5 09:56 secure.example.com -> www.example.com/
我為大部分感到抱歉,但我認為太多總比太少好。
以下是配置文件:
/etc/nginx/nginx.conf
user www-data www-data; worker_processes 1; error_log /var/log/nginx/error.log; #error_log /var/log/nginx/error.log notice; #error_log /var/log/nginx/error.log info; pid /var/run/nginx.pid; events { worker_connections 1024; } http { include /etc/nginx/mime.types; default_type application/octet-stream; log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log /var/log/nginx/access.log main; sendfile on; keepalive_timeout 65; include /etc/nginx/sites-enabled/*; }
/etc/nginx/sites-enabled/secure.example.com
server { listen 80; server_name secure.example.com; return 301 https://$host$request_uri; } server { listen 443; server_name secure.example.com; access_log /var/log/nginx/secure.example.com.access.log; error_log /var/log/nginx/secure.example.com.error.log; root /srv/http/secure.example.com; include /etc/nginx/ssl/secure.example.com.conf; include /etc/nginx/conf.d/index.conf; include /etc/nginx/conf.d/php-ssl.conf; autoindex off; location /pma/ { alias /srv/http/pma.example.com; } location /mda/ { alias /srv/http/mda.example.com; } }
/etc/nginx/ssl/secure.example.com.conf
ssl on; ssl_certificate /etc/nginx/ssl/secure.example.com.crt; ssl_certificate_key /etc/nginx/ssl/secure.example.com.key; ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers HIGH:!aNULL:!MD5;
/etc/nginx/conf.d/index.conf
index index.php index.html index.htm;
/etc/nginx/conf.d/php-ssl.conf
location ~ \.php$ { try_files $uri =404; fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock; fastcgi_index index.php; fastcgi_param HTTPS on; fastcgi_param SCRIPT_FILENAME $request_filename; include fastcgi_params; }
/var/log/nginx/secure.example.com.error.log
2013/12/05 22:49:04 [error] 29291#0: *2 directory index of "/srv/http/pma.example.com" is forbidden, client: 176.199.78.88, server: secure.example.com, request: "GET /pma/ HTTP/1.1", host: "secure.example.com"
編輯:忘了提,我正在執行 CentOS 6.4 x86_64 和 nginx 1.0.15
提前致謝!
您的 /pma 和 /mda 位於非標準位置(對於 CentOS),
/srv/http
您看到的問題可能與 SELinux 有關。一個快速測試是將 SELinux 配置為許可模式
setenforce 0
測試以查看您的頁面是否正常工作。如果他們這樣做,那麼您需要為
/srv/http
semanage fcontext -a -t httpd_sys_content_t "/srv/httpd(/.*)?" restorecon -rv /srv/http setenforce 1
再次測試,希望你一切順利。