NGINX directories inside root are not accessible - nginx

I cannot access to directories inside server's document root.
It throw 403 Forbidden error!
here is /etc/nginx/nginx.conf file:
user www-data;
worker_processes auto;
pid /run/nginx.pid;
events {
worker_connections 768;
# multi_accept on;
}
http {
#################
# Custom config
################
#disable_symlinks off;
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
server_tokens off;
server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# SSL Settings
##
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
gzip_disable "msie6";
# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
/etc/nginx/sites-available/default file:
server {
listen 80 default_server;
listen [::]:80 default_server;
root /var/www/html;
index index.html index.htm index.nginx-debian.html;
server_name _;
location / {
try_files $uri $uri/ =404;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
}
location ~ /\.ht {
deny all;
}
}
server root directory map:
/var/www/html/index.php
<?php include 'folder/file.php';
/var/www/html/folder/file.php
<?php echo 'file included';
if I request http://localhost/index.php it respond me 'file included' but if I request directly for http://localhost/folder/file.php it says me 403 Forbidden!

Related

Can't deploy two apps in Nginx

I developed an application using Django(rest-api) and reactJs with webpacker. It is working in local. Now I need to deploy it in an nginx server.
I have ssh access to nginx server(lets say server name: vardhan.com and username: vishnu). Can someone help with how to do it.
I am following this tutorial. https://tonyteaches.tech/django-nginx-uwsgi-tutorial/
But I got few questions.
There is already a survey application running in the same server and it can be accessed with url vardhan.com/survey. is website address(url) same as server name ?
How to host two applications in the same sever ?
This is .conf of survey app
user www-data;
worker_processes auto;
pid /run/nginx.pid;
events {
worker_connections 768;
# multi_accept on;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# SSL Settings
##
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
gzip_disable "msie6";
# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
server {
listen 443 ssl;
server_name vardhan.com;
# SSL parameters
ssl_certificate /etc/ssl/certs/asurc.pem;
ssl_certificate_key /etc/ssl/certs/private.key;
location /survey {
#proxy_pass http://localhost:3000/;
proxy_pass http://localhost:3010/;
}
location /survey {
#proxy_pass http://localhost:3000/survey;
proxy_pass http://localhost:3010/survey;
}
location /result {
#proxy_pass http://localhost:3000/result;
proxy_pass http://localhost:3010/result;
}
location /feedback {
proxy_pass http://localhost:3010/feedback;
}
location /public/stylesheets/ {
autoindex on;
#alias /home/*****/AppSurvey/public/stylesheets/;
alias /home/*****/AppSurvey/public/stylesheets/;
}
location /public/javascripts/ {
autoindex on;
#alias /home/*****/AppSurvey/public/javascripts/;
alias /home/*****/AppSurvey/public/javascripts/;
#proxy_pass http://localhost:3000/public/javascripts/index.js;
proxy_pass http://localhost:3010/public/javascripts/index.js;
}
}
server {
listen 80;
server_name vardhan.com;
return 302 https://$server_name$request_uri;
}
}

How do I use subdomains with NGINX?

Trying to set up a subdomain on my digitalocean server using NGINX. Unfortunately, none of the things I tried have worked out so far. No error is shown, yet the site won't be fetched on the subdomain, only the main domain. Below is my config files:
/etc/nginx/nginx.conf:
user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
events {
worker_connections 768;
# multi_accept on;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# server_tokens off;
server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# SSL Settings
##
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
#mail {
# # See sample authentication script at:
# # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
#
# # auth_http localhost/auth.php;
# # pop3_capabilities "TOP" "USER";
# # imap_capabilities "IMAP4rev1" "UIDPLUS";
#
# server {
# listen localhost:110;
# protocol pop3;
# proxy on;
# }
#
# server {
# listen localhost:143;
# protocol imap;
# proxy on;
# }
#}
/etc/nginx/site-available/ava-tms.com:
server {
listen 80;
listen [::]:80;
server_name ava-tms.com www.ava-tms.com;
root /var/www/ava-tms.com/live/;
index index.html index.htm;
location / {
try_files $uri $uri/ =404;
}
}
/etc/nginx/site-available/beta.ava-tms.com:
server {
listen 80;
listen [::]:80;
server_name beta.ava-tms.com www.beta.ava-tms.com;
root /var/www/ava-tms.com/beta/;
index index.html index.htm;
location / {
try_files $uri $uri/ =404;
}
}
Thanks in advance for the help.
As 0stone0 suggested, my problem was merely the lack of a dns record. Thx for the help.

NGINX restarts fails every time after adding a second virtual host

I dont know what i am doing wrong.
First I tried to add Vhosts in NGINX making new file in sites-available then linken to sites-enabled. This doerst work.
Then I tried to make the vhosts directly in the nginx.conf file. There is the same Problem. It works perfectly for one host but then if I add a another one and try to /etc/init.d/nginx start it always says:
See "systemctl status nginx.service" and "journalctl -xe" for details.
failed!
How can I fix that?
Here ist my nginx.conf
user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
events {
worker_connections 768;
# multi_accept on;
}
http {
server_names_hash_bucket_size 64;
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# SSL Settings
##
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
gzip_disable "msie6";
# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
##
# Virtual Host Configs
##
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name_;
location / {
root /var/www/html/;
index index.html index.htm index.nginx-debian.html;
autoindex on;
}
location ~ \.php$ {
root /var/www/html/;
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
}
}
server {
listen 80;
server_name website.de;
location / {
root /var/www/dev1/;
index index.html index.htm;
autoindex on;
}
location ~ \.php$ {
root /var/www/dev1/;
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
}
}
}

NGINX Multiple Site Setup

Basically, my NGINX setup is working fine for 2 of my sites but adding a third redirects to the second one.
server {
listen 80;
root /var/www/html/link.com/public/;
index index.php index.html index.htm index.nginx-debian.html;
server_name www.link.com link.com;
location / {
# URLs to attempt, including pretty ones.
try_files $uri $uri/ /index.php?$query_string;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ /\.ht {
deny all;
}
}
user www-data;
worker_processes auto;
pid /run/nginx.pid;
events {
worker_connections 768;
# multi_accept on;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# SSL Settings
##
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
gzip_disable "msie6";
# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
My other 3 sites have the same config but editted accordingly. I also have a default section.
All 4 sites have a symbolic link in sites-enabled. I also havent editted the nginx.conf I dont think.
What could be the issue here?
Just consolidating the links in the comments above and adding a few more for reference :
https://www.nginx.com/resources/wiki/start/topics/examples/full/
https://www.nginx.com/resources/wiki/start/topics/examples/server_blocks/
https://nginx.org/en/docs/example.html
+
multiple websites on nginx & sites-available
Below two are in turn referenced in one of the answers in the above SO post :
http://nginx.org/en/docs/http/request_processing.html
http://nginx.org/en/docs/http/server_names.html
+
https://www.digitalocean.com/community/tutorials/how-to-set-up-nginx-server-blocks-virtual-hosts-on-ubuntu-16-04
While its not quite the standard SO answer, until someone else with better understanding comes along, you can refer these.

Nginx Issue with Subdomains

I'm having an issue with my nginx. I have a subdomain mapped to a folder and it loads the index but nothing else. Anyone see the issue with my congfig? I don't know if there is another congfig, but this is what was set up for us.
user www-data;
worker_processes 4;
pid /run/nginx.pid;
events {
worker_connections 768;
# multi_accept on;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
gzip_disable "msie6";
# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
##
# nginx-naxsi config
##
# Uncomment it if you installed nginx-naxsi
##
#include /etc/nginx/naxsi_core.rules;
##
# nginx-passenger config
##
# Uncomment it if you installed nginx-passenger
##
#passenger_root /usr;
#passenger_ruby /usr/bin/ruby;
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
#mail {
# # See sample authentication script at:
# # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
#
# # auth_http localhost/auth.php;
# # pop3_capabilities "TOP" "USER";
# # imap_capabilities "IMAP4rev1" "UIDPLUS";
#
# server {
# listen localhost:110;
# protocol pop3;
# proxy on;
# }
#
# server {
# listen localhost:143;
# protocol imap;
# proxy on;
# }
#}
Here is the congig file for the subdomain with the issue:
server {
listen 80;
server_name streaming.thecanonhouse.com;
location / {
root /srv/opentok/learning-opentok-web/web/;
index index.html index.htm;
try_files $uri $uri/ #php;
}
location #php {
proxy_pass http://localhost:8080;
}
}
This is an example of the server block from official nginx website
server {
# Replace this port with the right one for your requirements
listen 80 default_server; #could also be 1.2.3.4:80
# Multiple hostnames separated by spaces. Replace these as well.
server_name star.yourdomain.com *.yourdomain.com; # Alternately: _
root /PATH/TO/WEBROOT;
error_page 404 errors/404.html;
access_log logs/star.yourdomain.com.access.log;
index index.php index.html index.htm;
# static file 404's aren't logged and expires header is set to maximum age
location ~* \.(jpg|jpeg|gif|css|png|js|ico|html)$ {
access_log off;
expires max;
}
location ~ \.php$ {
include fastcgi_params;
fastcgi_intercept_errors on;
# By all means use a different server for the fcgi processes if you need to
fastcgi_pass 127.0.0.1:YOURFCGIPORTHERE;
}
location ~ /\.ht {
deny all;
}

Resources