异常描述
- nginx安装好后访问主页提示403 forbidden
- 访问日志报错
2018/06/21 15:55:45 [error] 18960#0: *1 "/usr/local/nginx-1.14.0/html/index.html" is forbidden (13: Permission denied), client: 172.40.9.210, server: localhost, request: "GET / HTTP/1.1", host: "172.43.13.60"
解决办法
nginx启动用户不一致
- yum安装时默认是使用nginx用户启动
- 编译安装时指定–user=nginx参数;worker也会以nginx用户启动
- nginx.conf配置文件使用默认配置一般不会有问题,设置user root存在安全隐患
#user nobody;
user nginx
worker_processes 1
events {
worker_connections 1024
}
http {
include mime.types
default_type application/octet-stream
sendfile on
keepalive_timeout 65
server {
listen 80
server_name localhost
location / {
root html
index index.html index.htm
}
error_page 500 502 503 504 /50x.html
location = /50x.html {
root html
}
}
}
[root@localhost ~]
root 18959 1 0 15:54 ? 00:00:00 nginx: master process
nginx 19041 18959 0 16:01 ? 00:00:00 nginx: worker process
缺少index.html或index.php
- yum安装,网页文件在/usr/share/nginx/html
- 编译安装,在安装目录的html下,例如/usr/local/nginx/html
文件和目录权限问题
- 这是最容易出问题的地方
- index.html需要具备r权限
- 上层目录html需要具备x权限
- 上上层目录nginx-1.14.0也需要具备x权限
/usr/local/nginx-1.14.0/html
drwxr-xr-x 11 root root 164 Jun 21 16:04 nginx-1.14.0
drwxr-xr-x 2 root root 38 Jun 21 16:01 html
-rw-r--r-- 1 root root 163 Jun 21 16:01 index.html
SELinux关闭