Question

我有CentOS服务器，已安装nginx，已配置域。我想显示基本的单页index.html文件，但显示错误：403 Forbidden nginx/1.12.2。整个网站位于目录中：

/var/www/oceanljepote.com

其中包含：

drwxr-xr-x. 5 nginx nginx   59 Jan  5 21:41 .
drwxr-xr-x. 3 nginx nginx   30 Jan  5 14:39 ..
drwxr-xr-x. 2 nginx nginx  121 Jan  5 21:31 css
drwxr-xr-x. 2 nginx nginx   61 Jan  5 21:40 images
-rwxr-xr-x. 1 nginx nginx 3146 Jan  5 21:28 index.html
drwxr-xr-x. 2 nginx nginx  226 Jan  5 21:31 js

我向nginx用户授予了所有权和权限，所以当我执行此操作时：

 namei -om /var/www/oceanljepote.com/css

我得到以下输出：

f: /var/www/oceanljepote.com/css
dr-xr-xr-x root  root  /
drwxr-xr-x root  root  var
drwxr-xr-x nginx nginx www
drwxr-xr-x nginx nginx oceanljepote.com
drwxr-xr-x nginx nginx css

我打开/var/log/nginx/error.log时看到此错误：

2019/01/05 21:53:40 [error] 15348#0: *1 "/var/www/oceanljepote.com/index.html" is forbidden (13: Permission denied), client: 213.149.62.113, server: oceanljepote.com, request: "GET / HTTP/1.1", host: "oceanljepote.com"

我的nginx.conf看起来像这样：

# For more information on configuration, see:
#   * Official English Documentation: http://nginx.org/en/docs/
#   * Official Russian Documentation: http://nginx.org/ru/docs/

user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;

# Load dynamic modules. See /usr/share/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;

events {
    worker_connections 1024;
}

http {
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile            on;
    tcp_nopush          on;
    tcp_nodelay         on;
    keepalive_timeout   65;
    types_hash_max_size 2048;

    include             /etc/nginx/mime.types;
    default_type        application/octet-stream;

    # Load modular configuration files from the /etc/nginx/conf.d directory.
    # See http://nginx.org/en/docs/ngx_core_module.html#include
    # for more information.
    include /etc/nginx/conf.d/*.conf;

    server {
       #listen       80 default_server;
       #listen       [::]:80 default_server;
        server_name  _;
        root         /usr/share/nginx/html;

        # Load configuration files for the default server block.
        include /etc/nginx/default.d/*.conf;

        location / {
        }

        error_page 404 /404.html;
            location = /40x.html {
        }

        error_page 500 502 503 504 /50x.html;
            location = /50x.html {
        }
    }
}

我的/etc/nginx/conf.d/oceanljepote.com.conf看起来像这样：

server {
    listen 80 default_server;
    listen [::]:80 default_server;

    root /var/www/oceanljepote.com;

    index index.html;

    server_name oceanljepote.com www.oceanljepote.com;

    location / {
        try_files $uri $uri/ =404;
    }
}

我做错了什么？

Answer 1

默认情况下，CentOS上已启用SELinux。要提供单个html页面，您需要通过运行setenforce 0命令来禁用SELinux，或者为存在html文件的目录添加新的安全上下文。有关SELinux的更多信息，请查看this

PS： setenforce 0命令暂时禁用SELinux。您需要编辑/etc/sysconfig/selinux文件以将其永久禁用。

单页html网站-Nginx 403禁止

1 个答案: