403 forbidden of nginx in ubuntu

Question

server {
    location / {
        root /data/www;
    }

    location /images/ {
        root /data;
    }
}

http://localhost/images/example.png -> /data/images/example.png

http://localhost/some/example.html -> /data/www/some/example.html

So my nginx configuration：

 server {
            listen 443;
            server_name localhost;
            ssl on;
            ssl_certificate /home/attolee/sslkey/example.crt;
            ssl_certificate_key /home/attolee/sslkey/example.key;
            ssl_session_timeout 5m;
            ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
            ssl_ciphers ALL:!ADH:!EXPORT56:-RC4+RSA:+HIGH:+MEDIUM:!EXP;
            ssl_prefer_server_ciphers on;

            location / {
                    root /home/attolee;
                    index index.html;
            }

            location /hi/ {
                    root /home/attolee;
                    index hi.html;
            }
   }

I want

https://host/ access to /home/attolee/index.html，
https://host/hi/ access to /home/attolee/hi/hi.html，

Now 1 work, 2 failed, 403 forbidden.

error log tells me is 13: Permission denied.

So I check own and group of /home/attolee and /home/attolee/hi/, as well as hi.html.

drwxr-xr-x  6 attolee attolee 4096 Nov  2 17:08 attolee/
drw-rw-rw- 2 root    root    4096 Nov  2 17:12 hi/
-rw-rw-rw- 1 root    root      24 Nov  2 17:12 hi.html

then check the nginx process USER property using htop is root.

how to fix this?

AGL AGL · Accepted Answer · 2015-11-02T22:06:20

First, in your example you should do this:

root /home/attolee;
index index.html hi.html
location / {
         try_files $uri $uri/ =404;  
}

Second, You don't need to run nginx as root. In the nginx.conf you can change this to www-data for example. You have to move /home/hi inside /home/attolee/ and set /home/attolee with the correct owner.

403 forbidden of nginx in ubuntu

2 Answers