nginx:403forbidden

ginx:403 forbidden .title { text-align: center; margin-bottom: 0.2em } .subtitle { text-align: center; font-size: medium; font-weight: bold; margin-top: 0 } .todo { font-family: monospace; color: rgba(255, 0, 0, 1) } .done { font-family: monospace; color: rgba(0, 128, 0, 1) } .priority { font-family: monospace; color: rgba(255, 165, 0, 1) } .tag { background-color: rgba(238, 238, 238, 1); font-family: monospace; padding: 2px; font-size: 80%; font-weight: normal } .timestamp { color: rgba(190, 190, 190, 1) } .timestamp-kwd { color: rgba(95, 158, 160, 1) } .org-right { margin-left: auto; margin-right: 0; text-align: right } .org-left { margin-left: 0; margin-right: auto; text-align: left } .org-center { margin-left: auto; margin-right: auto; text-align: center } .underline { text-decoration: underline } #postamble p, #preamble p { font-size: 90%; margin: 0.2em } p.verse { margin-left: 3% } pre { border: 1px solid rgba(204, 204, 204, 1); box-shadow: 3px 3px 3px rgba(238, 238, 238, 1); padding: 8pt; font-family: monospace; overflow: auto; margin: 1.2em } pre.src { position: relative; overflow: visible; padding-top: 1.2em } pre.src:before { display: none; position: absolute; background-color: rgba(255, 255, 255, 1); top: -10px; right: 10px; padding: 3px; border: 1px solid rgba(0, 0, 0, 1) } pre.src:hover:before { display: inline } pre.src-asymptote:before { content: "Asymptote" } pre.src-awk:before { content: "Awk" } pre.src-C:before { content: "C" } pre.src-clojure:before { content: "Clojure" } pre.src-css:before { content: "CSS" } pre.src-D:before { content: "D" } pre.src-ditaa:before { content: "ditaa" } pre.src-dot:before { content: "Graphviz" } pre.src-calc:before { content: "Emacs Calc" } pre.src-emacs-lisp:before { content: "Emacs Lisp" } pre.src-fortran:before { content: "Fortran" } pre.src-gnuplot:before { content: "gnuplot" } pre.src-haskell:before { content: "Haskell" } pre.src-hledger:before { content: "hledger" } pre.src-java:before { content: "Java" } pre.src-js:before { content: "Javascript" } pre.src-latex:before { content: "LaTeX" } pre.src-ledger:before { content: "Ledger" } pre.src-lisp:before { content: "Lisp" } pre.src-lilypond:before { content: "Lilypond" } pre.src-lua:before { content: "Lua" } pre.src-matlab:before { content: "MATLAB" } pre.src-mscgen:before { content: "Mscgen" } pre.src-ocaml:before { content: "Objective Caml" } pre.src-octave:before { content: "Octave" } pre.src-org:before { content: "Org mode" } pre.src-oz:before { content: "OZ" } pre.src-plantuml:before { content: "Plantuml" } pre.src-processing:before { content: "Processing.js" } pre.src-python:before { content: "Python" } pre.src-R:before { content: "R" } pre.src-ruby:before { content: "Ruby" } pre.src-sass:before { content: "Sass" } pre.src-scheme:before { content: "Scheme" } pre.src-screen:before { content: "Gnu Screen" } pre.src-sed:before { content: "Sed" } pre.src-sh:before { content: "shell" } pre.src-sql:before { content: "SQL" } pre.src-sqlite:before { content: "SQLite" } pre.src-forth:before { content: "Forth" } pre.src-io:before { content: "IO" } pre.src-J:before { content: "J" } pre.src-makefile:before { content: "Makefile" } pre.src-maxima:before { content: "Maxima" } pre.src-perl:before { content: "Perl" } pre.src-picolisp:before { content: "Pico Lisp" } pre.src-scala:before { content: "Scala" } pre.src-shell:before { content: "Shell Script" } pre.src-ebnf2ps:before { content: "ebfn2ps" } pre.src-cpp:before { content: "C++" } pre.src-abc:before { content: "ABC" } pre.src-coq:before { content: "Coq" } pre.src-groovy:before { content: "Groovy" } pre.src-bash:before { content: "bash" } pre.src-csh:before { content: "csh" } pre.src-ash:before { content: "ash" } pre.src-dash:before { content: "dash" } pre.src-ksh:before { content: "ksh" } pre.src-mksh:before { content: "mksh" } pre.src-posh:before { content: "posh" } pre.src-ada:before { content: "Ada" } pre.src-asm:before { content: "Assembler" } pre.src-caml:before { content: "Caml" } pre.src-delphi:before { content: "Delphi" } pre.src-html:before { content: "HTML" } pre.src-idl:before { content: "IDL" } pre.src-mercury:before { content: "Mercury" } pre.src-metapost:before { content: "MetaPost" } pre.src-modula-2:before { content: "Modula-2" } pre.src-pascal:before { content: "Pascal" } pre.src-ps:before { content: "PostScript" } pre.src-prolog:before { content: "Prolog" } pre.src-simula:before { content: "Simula" } pre.src-tcl:before { content: "tcl" } pre.src-tex:before { content: "TeX" } pre.src-plain-tex:before { content: "Plain TeX" } pre.src-verilog:before { content: "Verilog" } pre.src-vhdl:before { content: "VHDL" } pre.src-xml:before { content: "XML" } pre.src-nxml:before { content: "XML" } pre.src-conf:before { content: "Configuration File" } table { border-collapse: collapse } caption.t-above { caption-side: top } caption.t-bottom { caption-side: bottom } td, th { vertical-align: top } th.org-right { text-align: center } th.org-left { text-align: center } th.org-center { text-align: center } td.org-right { text-align: right } td.org-left { text-align: left } td.org-center { text-align: center } dt { font-weight: bold } .footpara { display: inline } .footdef { margin-bottom: 1em } .figure { padding: 1em } .figure p { text-align: center } .inlinetask { padding: 10px; border: 2px solid rgba(128, 128, 128, 1); margin: 10px; background: rgba(255, 255, 204, 1) } #org-div-home-and-up { text-align: right; font-size: 70%; white-space: nowrap } textarea { overflow-x: auto } .linenr { font-size: smaller } .code-highlighted { background-color: rgba(255, 255, 0, 1) } .org-info-js_info-navigation { border-style: none } #org-info-js_console-label { font-size: 10px; font-weight: bold; white-space: nowrap } .org-info-js_search-highlight { background-color: rgba(255, 255, 0, 1); color: rgba(0, 0, 0, 1); font-weight: bold } .org-svg { width: 90% } Table of Contents 1. 启动用户与配置用户不匹配 2. 缺少index文件 3. selinux处于开启状态 4. 目录没有权限 5. 访问目录没有配置自动索引

出现这个错误一般以下原因引起：

1 启动用户与配置用户不匹配

这个就是 nginx.conf 中默认 #user nobody; 这一行，nobody 是默认的操作用户，而实际我们一般不使用此用户， 需要取消注释，并将nobody 修改为我们实际的操作用户。比如：

user root;

2 缺少index文件

在配置文件中 location 部分，/index index.html index.htm/ 这一行。 如果在/root/ 指向的路径中没有找到 index.html 或者 index.htm 文件，就会出现此错误。

在 nginx 的源码文件中有index.html 文件，将其复制到/root/指向的路径，即可。

cp /opt/nginx-1.18.0/html/index.html /mirrors/

3 selinux处于开启状态

elinux 是Linux 里控制端口开放与访问的一个安全性功能。开启了以后 ，我们很多端口都无法正常工作。 可以通过以下命令放开端口:

# CentOS 7
semanage port -a -t http_port_t -p tcp 7690
firewall-cmd --zone=public --add-port=7690/tcp --permanent
firewall-cmd --reload

或者直接关闭selinux:

setenforce 0
# 或者
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config

4 目录没有权限

一般root 用户启动时，不会有这个原因。而如果是其他用户，则有可能是由于操作路径没有权限引起的。 修改/root/ 指向的路径的属组，或者给启动用户相应的权限:

  chownn -R <user>.<group> <path>
#  或者
  chmod -R 777 <path>

5 访问目录没有配置自动索引

比如:

    server {
        listen       8320 default_server;
#        listen       [::]:8320 default_server;
        server_name  local_mirror;
        root         /mirrors/;

        # Load configuration files for the default server block.
        include /etc/nginx/default.d/*.conf;

        location / {
        }

        error_page 404 /404.html;
            location = /40x.html {
        }

当我访问root下的子路径时，由于在location 中没有配置 autoindex选项，会出现403错误。

解决方法就是在location 中加入以下内容:

autoindex on;
autoindex_exact_size on;
autoindex_localtime on;

Author: halberd.lee

Created: 2020-07-07 Tue 11:59

Validate