stackoom
  简体   繁体   中英

403 forbidden for AWS Beanstalk Flask static files without SSL

 原文  2015-12-26 22:27:14       python/ amazon-web-services/ flask/ elastic-beanstalk/ http-status-code-403

Question

My local machine is a virtual CeontOS-7 with a Python 2.7 virtualenv containing a Flask application directory, the structure is the following: 

/var
  /www
    /myAppenv
      /myApp
        /.ebextensions
           myApp-env.config
        /.elasticbeanstalk
        application.py
        requirements.txt
        /flaskApp
          /core
            views.py
            models.py
            forms.py
          /templates
          /static

and I deploy it from /myApp using EB CLI deploy to a Beanstalk application named myApp with an environment named myApp-env.

I think the static files path is set right in /.ebextensions/myApp-env.config: 

option_settings:
   "aws:elasticbeanstalk:container:python:staticfiles":
     "/static/": "flaskApp/static/"

and I can see in AWS web console-> environment-> Configurations-> Software Configuration that 

StaticFiles: /static/=flaskApp/static/

so the path setting doesn't seem to be the cause of the problem.

So when I open the web page for my application I see the page missing css and js, since everything from static directory gets a 403 forbidden response: 

GET http://myApp-dev.elasticbeanstalk.com/ [HTTP/1.1 200 OK 174ms]
GET http://myApp-dev.elasticbeanstalk.com/static/bootstrap-3.3.5-dist/js/bootstrap.min.js  [HTTP/1.1 403 Forbidden 55ms]
...

Guessing it's something about permissions, since in my local dir files are owned by my linux account (for samba reasons), then I tried to chown root and chgrp root (static dirs and files permissions are 755), but it didn't change anything. I actually don't think is anything related to firewall/selinux, by the fact that the home page is actually loading.

Does anybody know how to solve this problem?

2 answers

solution1
 1  2015-12-27 09:48:55

I think I found the problem. I was inspecting by EB SSH just to understand what was going on and I noticed that the "ec2-user" I got logged in the AWS machine could access (running cd command) till the directory 

/opt/python/current/app

but ec2-user wasn't allow to access dir 

/opt/python/current/app/flaskApp

because of permissions.

While the static dirs and files contained in flaskApp yet had permissions set on 755, I noticed that flaskApp dir (which contains static dir) was 744 (that I thought would be fine). So I changed flaskApp dir permissions to 755 and it worked: now static files get loaded!

By the way I doubt this permissions set is good for production. The alternative could be to structure dirs so that static isn't a subdirectory of flaskApp dir, allowing this way to keep static dir set on 755 while having flaskApp dir set on more conservative permissions.

solution2
 0  2015-12-27 04:03:46

The owner/group being root may be irrelevant if the files aren't viewable by all users. Make sure they're accessible to all by running a chmod 664 on all the static files.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Django static files to AWS S3 return 403 forbidden Django 403 Forbidden on AWS Elastic Beanstalk Python Flask: forbidden access to static files in aws lambda Nginx is throwing an 403 Forbidden on Static Files Elastic Beanstalk Flask Application - Static files not found elastic beanstalk - app is returning 403 not found error for static files Django 301 and 403 forbidden errors on my static files in production Unable to view files on aws s3 (403 Forbidden) boto elastic beanstalk CreateApplicationVersion 403 Forbidden AWS EB Flask does not recognize static files
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM