我有CentOS服务器,已安装nginx,已配置域。我想显示基本的单页index.html文件,但显示错误:403 Forbidden nginx/1.12.2
。
整个网站位于目录中:
/var/www/oceanljepote.com
其中包含:
drwxr-xr-x. 5 nginx nginx 59 Jan 5 21:41 .
drwxr-xr-x. 3 nginx nginx 30 Jan 5 14:39 ..
drwxr-xr-x. 2 nginx nginx 121 Jan 5 21:31 css
drwxr-xr-x. 2 nginx nginx 61 Jan 5 21:40 images
-rwxr-xr-x. 1 nginx nginx 3146 Jan 5 21:28 index.html
drwxr-xr-x. 2 nginx nginx 226 Jan 5 21:31 js
我向nginx
用户授予了所有权和权限,所以当我执行此操作时:
namei -om /var/www/oceanljepote.com/css
我得到以下输出:
f: /var/www/oceanljepote.com/css
dr-xr-xr-x root root /
drwxr-xr-x root root var
drwxr-xr-x nginx nginx www
drwxr-xr-x nginx nginx oceanljepote.com
drwxr-xr-x nginx nginx css
我打开/var/log/nginx/error.log
时看到此错误:
2019/01/05 21:53:40 [error] 15348#0: *1 "/var/www/oceanljepote.com/index.html" is forbidden (13: Permission denied), client: 213.149.62.113, server: oceanljepote.com, request: "GET / HTTP/1.1", host: "oceanljepote.com"
我的nginx.conf看起来像这样:
# For more information on configuration, see:
# * Official English Documentation: http://nginx.org/en/docs/
# * Official Russian Documentation: http://nginx.org/ru/docs/
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
# Load dynamic modules. See /usr/share/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
include /etc/nginx/conf.d/*.conf;
server {
#listen 80 default_server;
#listen [::]:80 default_server;
server_name _;
root /usr/share/nginx/html;
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
location / {
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
}
我的/etc/nginx/conf.d/oceanljepote.com.conf看起来像这样:
server {
listen 80 default_server;
listen [::]:80 default_server;
root /var/www/oceanljepote.com;
index index.html;
server_name oceanljepote.com www.oceanljepote.com;
location / {
try_files $uri $uri/ =404;
}
}
我做错了什么?
答案 0 :(得分:3)
默认情况下,CentOS上已启用SELinux。要提供单个html页面,您需要通过运行setenforce 0
命令来禁用SELinux,或者为存在html文件的目录添加新的安全上下文。有关SELinux的更多信息,请查看this
PS: setenforce 0
命令暂时禁用SELinux。您需要编辑/etc/sysconfig/selinux
文件以将其永久禁用。