1

I'm trying to get Nginx to return a simple webpage, but always with an http status code of 403. For some reason, I just can't get it to work. I have two files in /var/www/html/:

  • index.html
  • photo.jpg

index.html displays some text along with photo.jpg

Here is my Nginx config:

server {
        listen 80 default_server;
        listen [::]:80 default_server;

        root /var/www/html;

        index index.html index.htm index.nginx-debian.html;

        server_name _;

        location / {
                return 403;
         }

        error_page 404 /index.html;
        error_page 403 /index.html;

        location = /index.html {
                 allow all;
       }

        location = /photo.jpg {
                allow all;
        }
}

With this config as-is, both index.html and photo.jpg are displayed with a status of 200. If I remove the location blocks for those two files, neither are displayed, but they have a status of 403. My question is: How can I display the html file, along with the image, but just return a status of 403? I feel like I'm missing something simple.

bcst
  • 41
  • 1
  • 1
  • 6
  • Why are you trying to do this? If you send a 403 the browser is not required to display the response body, and some browsers do not do so by default (such as IE). – Michael Hampton Oct 18 '16 at 16:57
  • This Nginx server is running along side a squid proxy. When a client PC attempts to access a URL that's not on the proxy's whitelist, it's redirected to this page hosted on Nginx. We have a Nagios script that makes sure the proxy is functioning by attempting to access a blocked URL through this proxy. The script checks the status of the request--200 means the proxy allowed the URL, and 403 (in this case) means the proxy redirected the client to our Nginx server . I don't have to use 403, I just need Nginx to reliably return something other than 200 along with the webpage we want to display. – bcst Oct 18 '16 at 17:45

1 Answers1

7

Your location / {}, containing a return 403; matches first. You should move it below two others.

Happy leg shooting !

drookie
  • 8,051
  • 1
  • 17
  • 27
  • To avoid said leg shooting, I decided to back up and re-configure things a different way that doesn't rely on the HTTP status codes. I haven't tested your suggestion as it's no longer applicable, but I appreciate it. – bcst Oct 19 '16 at 15:17