[英]Laravel + NGINX giving 403 forbidden
I am really stuck loading a Laravel app for the first time on the web (EC2). 我真的很难在网络(EC2)上首次加载Laravel应用。
I have an instance of Ubuntu 18.04 running latest laravel 5.6. 我有一个运行最新的laravel 5.6的Ubuntu 18.04实例。 I have been stuck for hours trying to resolve a 403 issue.
我已经被困了几个小时,试图解决403问题。 I have followed:
我遵循了:
These steps (create new group, add ubuntu and www-data to it, set group and owner to read, write and execute) 这些步骤 (创建新组,向其中添加ubuntu和www-data,将组和所有者设置为读取,写入和执行)
These steps to set folder permissions 这些设置文件夹权限的步骤
... many other attempts / server rebuilds... ...许多其他尝试/服务器重建...
So just now I set all files and folders in root to 777 to test 所以刚才我将根目录中的所有文件和文件夹都设置为777进行测试
$ find /home/ubuntu/projectname -type f -exec chmod 777 {} \;
$ find /home/ubuntu/projectname -type d -exec chmod 777 {} \;
And on suggestion below I also did this: 根据以下建议,我也这样做了:
$ namei -l /home/ubuntu/projectname/public
f: /home/ubuntu/projectname/public
drwxr-xr-x root root /
drwxr-xr-x root root home
drwxr-xr-x ubuntu ubuntu ubuntu
drwxrwxrwx www-data www-data projectname
drwxrwxrwx www-data www-data public
$ sudo chmod -R 777 /home/ubuntu/projectname
$ ls -l
drwxrwxrwx 8 www-data www-data 4096 Aug 16 10:25 app
-rwxrwxrwx 1 www-data www-data 1686 Aug 16 10:25 artisan
drwxrwxrwx 3 www-data www-data 4096 Aug 16 10:25 bootstrap
-rwxrwxrwx 1 www-data www-data 1652 Aug 16 10:25 composer.json
-rwxrwxrwx 1 www-data www-data 166078 Aug 16 10:25 composer.lock
drwxrwxrwx 2 www-data www-data 4096 Aug 16 10:25 config
drwxrwxrwx 5 www-data www-data 4096 Aug 16 10:25 database
drwxrwxrwx 999 www-data www-data 36864 Aug 16 10:46 node_modules
-rwxrwxrwx 1 www-data www-data 1442 Aug 16 10:25 package.json
-rwxrwxrwx 1 www-data www-data 604905 Aug 16 10:45 package-lock.json
-rwxrwxrwx 1 www-data www-data 1134 Aug 16 10:25 phpunit.xml
drwxrwxrwx 6 www-data www-data 4096 Aug 16 10:46 public
-rwxrwxrwx 1 www-data www-data 3675 Aug 16 10:25 readme.md
drwxrwxrwx 6 www-data www-data 4096 Aug 16 10:25 resources
drwxrwxrwx 2 www-data www-data 4096 Aug 16 10:25 routes
-rwxrwxrwx 1 www-data www-data 563 Aug 16 10:25 server.php
drwxrwxrwx 6 www-data www-data 4096 Aug 16 10:25 storage
drwxrwxrwx 4 www-data www-data 4096 Aug 16 10:25 tests
drwxrwxrwx 45 www-data www-data 4096 Aug 16 10:45 vendor
-rwxrwxrwx 1 www-data www-data 1738 Aug 16 10:25 webpack.mix.js
This last one has me stumped as the result is the same in my nginx project error log (tail -f): 最后一个让我感到困惑,因为结果与我的nginx项目错误日志(tail -f)相同:
2018/08/16 13:44:25 [error] 27246#27246: *1 directory index of "/home/ubuntu/projectname/public/" is forbidden, client: 29.99.0.232, server: projectname.com.au, request: "GET / HTTP/1.1", host: "projectname.com.au"
I do not know what to try next. 我不知道下一步该怎么做。 Any help will get you on my Christmas card list!
任何帮助都会使您进入我的圣诞贺卡清单!
My project is cloned to: 我的项目被克隆到:
/home/ubuntu/projectname
My nginx config (taken from Laravel's Deploy page ) is: 我的nginx配置(取自Laravel的Deploy页面 )是:
server {
listen 80;
server_name projectname.com.au www.projectname.com.au;
root /home/ubuntu/projectname/public;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
index index.html index.htm index.php;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
error_page 404 /index.php;
access_log /var/log/nginx/projectname.access.log;
error_log /var/log/nginx/projectname.error.log error;
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}
location ~ /\.(?!well-known).* {
deny all;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/projectname.com.au/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/projectname.com.au/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = www.projectname.com.au) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = projectname.com.au) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name projectname.com.au www.projectname.com.au;
return 404; # managed by Certbot
}
Try changing this line in the Nginx config: 尝试在Nginx配置中更改此行:
location / {
try_files $uri $uri/ /index.php?$query_string;
}
to this: 对此:
location / {
try_files $uri /index.php?$query_string;
}
From what I can see, this is caused because nginx will try to index the directory, and be blocked by itself.
据我所知,这是由于nginx会尝试索引目录并被其自身阻止而造成的。
Source answer: Nginx 403 error: directory index of [folder] is forbidden 源答案: Nginx 403错误:[文件夹]的目录索引被禁止
There might be permission problems for nginx somewhere else along the path to the root directory. 在根目录路径的其他位置,nginx可能存在权限问题。
Run namei -l /home/ubuntu/projectname/public
and make sure, that every directory has atleast execute permissions to the nginx user. 运行
namei -l /home/ubuntu/projectname/public
,并确保每个目录都对nginx用户具有至少执行权限。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.