Nginx app entrence forbidden although DB and CMS synced and DR dir permissions set

On Ubuntu 16.04 with Bash I’ve established LEMP and I can’t access a WordPress app from browser although DB data is according (as I recall), and document root app dir has the right permissions (see below).

Nginx conf

WordPress app wp-config.php

This is the only part I changed in wp-config.php:

define('DB_NAME', '');
define('DB_USER', '');
define('DB_PASSWORD', 'example.password');

My resets before testing

chown -R www-data:www-data "$drt"/
chmod -R a-x,a=rX,u+w "$drt"/
systemctl restart nginx.service
/etc/init.d/php*-fpm restart

Current state

I get “entrance forbidden” when navigating to my domain in the browser.

No errors besides “entrance forbidden” appear in Nginx conf.

The DB user and the DB name are identical to one another and also identical to the app’s dir name

Desired state

Entrance permitted.

My question

Why is the entrance forbidden, given the above data? What I miss?


  1. This problem is unique to the WordPress app. It doesn’t happen with the non-HTTPS, PHPmyadmin app.

Submit an answer
You can type!ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

entrance coaching centre pathanamthitta provide the best coaching class for medical and engineering students. here working staffs are well knowledgeable and experienced. please visit us website.

Hi @benqzq920eee9010102b3d3c63, good to hear that you were able to solve this! Copying this over from your stack overflow follow-up just in case someone else lands on this page :)

I was able to solve it with this conf:

server {
    root /var/www/html/;
    index index.php index.html index.htm;
    location / {
        try_files $uri $uri/ /index.php?q=$uri&$args;
    location ~ \.php$ {
        include snippets/fastcgi-php.conf;
        fastcgi_pass unix:/run/php/php7.0-fpm.sock;
    location ~* \.(jpg|jpeg|png|gif|ico|css|js|ttf|woff|pdf)$ {
        expires 365d;

 # managed by Certbot

    listen 443 ssl http2; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

server {
    if ($host = {
        return 301 https://$host$request_uri;
    } # managed by Certbot

    if ($host = {
        return 301 https://$host$request_uri;
    } # managed by Certbot

    listen 80;
    return 404; # managed by Certbot