0

I'm trying to share some of my personal media on my website, but I get a 403 Forbidden error when I try to head to it (www.example.com/media). However, when I provide the full path to a file e.g www.example.com/media/2001/golden_retriever.jpg I get to see the actual picture.

I've enabled autoindex on; in /etc/nginx/sites-available/example.com like so:

location /media {
    allow all;
    autoindex on;
    }

After I restart with service nginx restart, I get the same error. I've tried putting autoindex on; in location / { } and inside the actual server { } block with no avail. Basically, nothing happens when I restart the nginx server after changes.

Whole sites-available config:

server {
        listen   80; ## listen for ipv4; this line is default and implied
        #listen   [::]:80 default ipv6only=on; ## listen for ipv6

        root /usr/share/nginx/www/example;
        index index.php index.html index.htm;

        # Make site accessible from http://localhost/
        server_name example.com www.example.com;

        location / {
                # First attempt to serve request as file, then
                # as directory, then fall back to index.html
                try_files $uri $uri/ /index.html;
                # Uncomment to enable naxsi on this location
                # include /etc/nginx/naxsi.rules
        }

        location /doc/ {
                alias /usr/share/doc/;
                autoindex on;
                allow 127.0.0.1;
                deny all;
        }

        location /media {
                allow all;
                autoindex on;
        }

        # Only for nginx-naxsi : process denied requests
        #location /RequestDenied {
                # For example, return an error code
                #return 418;
        #}

        #error_page 404 /404.html;

        # redirect server error pages to the static page /50x.html
        #
        #error_page 500 502 503 504 /50x.html;
        #location = /50x.html {
        #       root /usr/share/nginx/www;
        #}

        # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000

        location ~ \.php$ {
                fastcgi_split_path_info ^(.+\.php)(/.+)$;
                # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini

                # With php5-cgi alone:
                #fastcgi_pass unix:/var/run/php5-fpm.sock;
                # With php5-fpm:
                fastcgi_pass unix:/var/run/php5-fpm.sock;
                fastcgi_index index.php;
                include fastcgi_params;
        }

        # deny access to .htaccess files, if Apache's document root
        # concurs with nginx's one
        #
        #location ~ /\.ht {
        #       deny all;
        #}
}

Note that this config has a symlink towards sites-enabled with the exact same name.

user545424
  • 113
  • 4
Svenskunganka
  • 185
  • 1
  • 4
  • 11

2 Answers2

2

It seems like it was the symlink that was at fault here. When creating the symlink, use the full path instead of a relative path like so:

ln -s /etc/nginx/sites-available/example.com /etc/nginx/sites-enable/example.com
Svenskunganka
  • 185
  • 1
  • 4
  • 11
0

Are you sure that the directory /usr/share/nginx/www/example/media has permissions set up so that the web server process can access the directory?

If you have created the directory via your own user account, you need to ensure that the other permission group has read and execute permissions on that directory.

chmod a+rx /usr/share/nginx/www/example/media

adds read / execute permissions to the directory.

Also, the files in the directory should have read permissions by the other group:

chmod a+r /usr/share/nginx/www/example/media/*
  • Tero
Tero Kilkanen
  • 34,499
  • 3
  • 38
  • 58