Nginx error 16611 directory is forbidden

April 2, 2018 146 views
Nginx Ubuntu 16.04

My Nginx error.log has many error messages like this:

16611#16611: *1672714 directory index of "/var/www/example.com/public_html/mydir/" is forbidden, client: 195.39.75.189, server: www.example.com, request: "GET /mydir/ HTTP/2.0", host: "www.example.com"

When I enter https://www.example.com/mydir/ in the browser the page is loaded ok.

My nginx config file has server block:

server {
listen 443 ssl http2 default_server;
listen [::]:443 ssl http2 default_server;

server_name www.example.com;
root /var/www/example.com/public_html/;
index index.html;

ssl_certificate     /etc/nginx/ssl/example/example.crt;
ssl_certificate_key /etc/nginx/ssl/example/example.key;
ssl_dhparam  /etc/nginx/ssl/example/dhparam.pem;

ssl_session_cache shared:SSL:20m;
ssl_session_timeout 10m;
ssl_session_tickets on;

ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /etc/nginx/ssl/example/gd_bundle-g2-g1.crt;
resolver 8.8.8.8 8.8.4.4 valid=300s;

ssl_prefer_server_ciphers on;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;

# Enable HSTS
#add_header Strict-Transport-Security "max-age=31536000; includeSubdomains" always;
#add_header Strict-Transport-Security "max-age=3600; includeSubdomains" always;
add_header Strict-Transport-Security "max-age=86400; includeSubdomains" always;
add_header X-Content-Type-Options nosniff;
add_header X-Frame-Options SAMEORIGIN;

# rewrite .htm to .html (tested ok)
location ~ \.htm$ {
    rewrite ^(.*)\.htm$ $1.html permanent; 
}

location ~* .(jpg|jpeg|png|gif|ico|css|js)$ {
    #expires 1h;
    expires 1d;
    #add_header Pragma public;
    #add_header Cache-Control "public";
}

location / {
    try_files $uri $uri/ =404;
}

# to run php from html file (also security.limit_extensions = .php .html in /etc/php5/fpm/pool.d/www.conf)
# location ~ \.(php|htm|html)$ {
location ~ \.php$ {
    include snippets/fastcgi-php.conf;
    #include fastcgi_params;
    fastcgi_pass unix:/run/php/php7.0-fpm.sock;
    #fastcgi_index index.php;
    #fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
}

What should I change in the config file to avoid the error and to add the url www.example.com/mydir/ the index page index.html ?

1 Answer
ryanpq MOD April 10, 2018
Accepted Answer

Based on your configuration I am guessing that nginx is refusing to provide a directory listing for this directory because your configuration does not include autoindex on;. This is generally a good thing.

Adding an index.html file to /var/www/example.com/public_html/mydir/ should prevent this and will return the page instead of attempting to create a directory listing.

Have another answer? Share your knowledge.