How do I resolve 403 Forbidden for nginx + passenger + rails + centos 7 setup

Posted April 7, 2015 8k views
Ruby on RailsNginxCentOS

Hello all,

I am trying to set up a production server and am having a little bit of trouble. I am hoping someone can help me. I am new to Nginx. I usually use Apache for setting up my rails servers but decided I wanted some experience with Nginx.

I followed the tutorial located below for setting up my server:

Once I was done with this tutorial, I attempted to hit my sample application with a browser and got the 403 error. When I checked the error log I get the following:

2015/04/07 09:59:37 [error] 30642#0: *1 open() “/apps/my_app/public/tasks” failed (2: No such file or directory), client: ##.##.###.##, server:, request: “GET /tasks HTTP/1.1”, host: “

I installed lynx to see if I could hit it via a browser without having to hit the web but I then get a 404 error where the error log says the same thing but the host is localhost instead of the domain address.

I saw in some of the questions that the answer was making sure I had a default route which I do. And also to make the files executable which I didn’t understand that. I am not sure why I would need to make my views executable (if I understood correctly).

I am looking to see what might be going on wrong.

Here is what my nginx.conf file look like

worker_processes  1;
events {
    worker_connections  1024;
http {
    passenger_root /home/deploy/.rvm/gems/ruby-2.2.1/gems/passenger-5.0.6;
    passenger_ruby /home/deploy/.rvm/gems/ruby-2.2.1/wrappers/ruby;

    include       mime.types;
    default_type  application/octet-stream;

    sendfile        on;

    keepalive_timeout  65;

    gzip on;
    gzip_vary on;
    gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;

    server {
      listen       80;

      root /apps/my_app/public;
      client_max_body_size 128M;
      passenger_enabled on;
      rails_env production;

      location ~ ^/(assets|images|javascripts|stylesheets|system)/ {
         expires max;
         add_header Cache-Control public;

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Submit an Answer
1 answer

Put quite simply your root directory doesn’t exist (or there are permissions errors (more likely))

chcon -Rv –type=httpdsyscontent_t /apps

should allow you to view your site without disabling SELinux, Disabling SELinux is a big no no!!

You may need to set other permissions to make it readable by nginx however

755 on all the directories should work.