403 forbidden error, in Nginx configuration for Wordpress site

ReynierPM Published at Dev

ReynierPM

I'm configuring a Nginx site for Wordpress and I'm getting this error:

2014/11/21 16:39:24 [error] 38741#0: *2 directory index of "/var/www/html/jurisprudencialaboral.dev/" is forbidden, client: 192.168.3.1, server: jurisprudencialaboral.dev, request: "GET / HTTP/1.1", host: "jurisprudencialaboral.dev"

This are the permissions assigned to that directory:

drwxr-xr-x  5 apache root 4096 Nov 21 16:28 jurisprudencialaboral.dev

And this is the jurisprudencia.dev server content file:

server {
       server_name jurisprudencialaboral.dev jurisprudencia jurisprudencialaboral;
       root /var/www/html/jurisprudencialaboral.dev;

        location / {
                try_files $uri $uri/ /index.php?q=$uri&$args;
        }

        error_page 404 /404.html;

        error_page 500 502 503 504 /50x.html;
        location = /50x.html {
                root /usr/share/nginx/html;
        }

        location ~ \.php$ {
                try_files $uri =404;
                fastcgi_split_path_info ^(.+\.php)(/.+)$;
                fastcgi_pass  127.0.0.1:9000;
                #fastcgi_pass unix:/var/run/php5-fpm.sock;
                fastcgi_index index.php;
                include fastcgi_params;
                #fastcgi_param SCRIPT_FILENAME /var/www/html/jurisprudencialaboral.dev$fastcgi_script_name;
        }

        access_log /var/log/nginx/jurisprudencialaboral.dev/access.log;
        error_log /var/log/nginx/jurisprudencialaboral.dev/error.log;

        location = /favicon.ico {
                log_not_found off;
                access_log off;
        }

        location = /robots.txt {
                allow all;
                log_not_found off;
                access_log off;
        }

        # Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac).
        # Keep logging the requests to parse later (or to pass to firewall utilities such as fail2ban)
        location ~ /\. {
                deny all;
        }

        # Deny access to any files with a .php extension in the uploads directory
        # Works in sub-directory installs and also in multisite network
        # Keep logging the requests to parse later (or to pass to firewall utilities such as fail2ban)
        location ~* /(?:uploads|files)/.*\.php$ {
                deny all;
        }

        # Add trailing slash to */wp-admin requests.
        rewrite /wp-admin$ $scheme://$host$uri/ permanent;

 # Directives to send expires headers and turn off 404 error logging.
        location ~* ^.+\.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|rss|atom|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ {
               access_log off; log_not_found off; expires max;
        }

        # Uncomment one of the lines below for the appropriate caching plugin (if used).
        #include global/wordpress-wp-super-cache.conf;
        #include global/wordpress-w3-total-cache.conf;
}

I get it from here, what I'm doing wrong? Why the 403 error?

Xavier Lucas

Well this is pretty clear. You request URI / so nginx tries to list the docroot content but as autoindex directive default value is false thus this action is not allowed and nginx returns the adequate HTTP 403.

You forgot to set the index directive to serve an index file.

Collected from the Internet

Please contact [email protected] to delete if infringement.