Question
Nginx (403 Forbidden)
- Posted on December 1, 2016
- DeploymentDjangoNginxUbuntu
Asked by dmitrybaranchuk
Deploying my web app (Nginx, Gunicorn, Django) on Ubuntu 16.10 I get a 403 error when clients try to load files to the server. Files are supposed to be saved in /var/www/annotator/media/dmitrybaranchuk/
I’ve read a lot of topics about the similar issues however nothing helped. I’m almost positive this is the problem with nginx / permissions / users. Maybe someone knows how I can fix this issue. The main information is below.
Error Logs
-
Safari Web Inspector: [Error] Failed to load resource: the server responded with a status of 403 (Forbidden) (dmitrybaranchuk, line 0)
-
nginx-error.log: [error] 10713#10713: *5 directory index of “/var/www/annotator/media/dmitrybaranchuk/” is forbidden, client: 31.173.80.174, server: 138.197.16.71, request: “POST /media/dmitrybaranchuk/ HTTP/1.1”, host: “138.197.16.71”, referrer: “http://138.197.16.71/”
-
/var/log/nginx/error.log: empty
Info
-
Nginx processes: root - master process /usr/sbin/nginx -g daemon on; master_process on; www-data - worker process
-
/var/www permissions: /var/www and every directory/file inside has permission: 777, user: www-data, group: www-data.
-
SELinux: Disabled
-
/etc/nginx/sites-enabled/annotator
server {
listen 80;
server_name 138.197.16.71;
access_log /home/dmitrybaranchuk/pose_annotator/logs/nginx-access.log;
error_log /home/dmitrybaranchuk/pose_annotator/logs/nginx-error.log;
location /static/ {
alias /home/dmitrybaranchuk/pose_annotator/static/;
expires 30d;
}
location /media/ {
alias /var/www/annotator/media/;
}
location / {
autoindex on;
proxy_pass http://127.0.0.1:8000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
- /etc/nginx/nginx.conf
user www-data;
worker_processes auto;
pid /run/nginx.pid;
events {
worker_connections 768;
}
http {
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
gzip on;
gzip_disable "msie6";
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
Want to learn more? Join the DigitalOcean Community!
Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.
I had the same error that took me several days but had to give static folder access right to the Nginx user process and worked just fine, sudo chown [the user owning your file]:[nginx process user] target_folder_here
[My Problem solved!] I had the same problem with the media files that uploaded. The media files wouldn’t be loaded and when I wanted to inspect the page and go to the URL of the image, it was showing me 403 forbidden.
I solve this problem by giving the permission of 777 to all the folders through the media file in the server. for example, if the media files are in the root /home/your-project/media/images, then you should run these commands in the server: (for example in Centos 7)
in the root / : chmod -R 777 /home in the root /home/: chmod -R 777 /your-project in the root /your-project/ : chmod -R 777 /media in the root /media: chmode -R 777 /images
hope it helps whoever stucks in this problem.
The issue is solved. The mistake was pretty stupid: when nginx got url ‘/media/dmitrybaranchuk/filename’ it sent the request to location /media/. However I supposed to direct it to location /.