Nginx (403 Forbidden)

Posted December 1, 2016 65.8k views

Deploying my web app (Nginx, Gunicorn, Django) on Ubuntu 16.10 I get a 403 error when clients try to load files to the server. Files are supposed to be saved in /var/www/annotator/media/dmitrybaranchuk/

I’ve read a lot of topics about the similar issues however nothing helped. I’m almost positive this is the problem with nginx / permissions / users. Maybe someone knows how I can fix this issue. The main information is below.

Error Logs

  • Safari Web Inspector:
    [Error] Failed to load resource: the server responded with a status of 403 (Forbidden) (dmitrybaranchuk, line 0)

  • nginx-error.log:
    [error] 10713#10713: *5 directory index of “/var/www/annotator/media/dmitrybaranchuk/” is forbidden, client:, server:, request: “POST /media/dmitrybaranchuk/ HTTP/1.1”, host: “”, referrer: “

  • /var/log/nginx/error.log: empty


  • Nginx processes:
    root - master process /usr/sbin/nginx -g daemon on; master_process on;
    www-data - worker process

  • /var/www permissions:
    /var/www and every directory/file inside has permission: 777, user: www-data, group: www-data.

  • SELinux: Disabled

  • /etc/nginx/sites-enabled/annotator

    server {
    listen 80;
    access_log /home/dmitrybaranchuk/pose_annotator/logs/nginx-access.log;
    error_log /home/dmitrybaranchuk/pose_annotator/logs/nginx-error.log;
    location /static/ {
        alias /home/dmitrybaranchuk/pose_annotator/static/;
        expires 30d;
    location /media/ {
        alias /var/www/annotator/media/;
    location / {
        autoindex on;
        proxy_set_header Host $host;
        proxy_set_header   X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  • /etc/nginx/nginx.conf

user www-data;
worker_processes auto;
pid /run/;

events {
        worker_connections 768;

http {
        sendfile on;
        tcp_nopush on;
        tcp_nodelay on;
        keepalive_timeout 65;
        types_hash_max_size 2048;

        include /etc/nginx/mime.types;
        default_type application/octet-stream;

        ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
        ssl_prefer_server_ciphers on;

        access_log /var/log/nginx/access.log;
        error_log /var/log/nginx/error.log;

        gzip on;
        gzip_disable "msie6";

        include /etc/nginx/conf.d/*.conf;
        include /etc/nginx/sites-enabled/*;

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Submit an Answer
4 answers

[My Problem solved!]
I had the same problem with the media files that uploaded. The media files wouldn’t be loaded and when I wanted to inspect the page and go to the URL of the image, it was showing me 403 forbidden.

I solve this problem by giving the permission of 777 to all the folders through the media file in the server. for example, if the media files are in the root /home/your-project/media/images, then you should run these commands in the server: (for example in Centos 7)

in the root / : chmod -R 777 /home
in the root /home/: chmod -R 777 /your-project
in the root /your-project/ : chmod -R 777 /media
in the root /media: chmode -R 777 /images

hope it helps whoever stucks in this problem.

It is better to use the root directive instead of alias.

location /media/ {
    root /var/www/annotator/;

If you are using alias, I recommend you to use $1 for the endpoint such as this:

location /media/ {
    alias /var/www/annotator/media/$1;

The issue is solved. The mistake was pretty stupid: when nginx got url ’/media/dmitrybaranchuk/filename’ it sent the request to location /media/. However I supposed to direct it to location /.

Show answer This answer has been marked as resolved by dreamstechnologies1906.