I've trouble to get aliases working correctly on nginx.
When i try to access the aliases, /pma and /mba (see secure.example.com.conf), i get a 403 Forbidden but the base url works correctly.
I read a lot of posts but nothing helped, so here i am.
Nginx and php-fpm are running as www-data:www-data and the permissions for the directories are set to:
drwxrwsr-x+ 5 www-data www-data 4.0K Dec 5 22:48 ./
drwxr-xr-x. 3 root root 4.0K Dec 4 22:50 ../
drwxrwsr-x+ 2 www-data www-data 4.0K Dec 5 13:10 mda.example.com/
drwxrwsr-x+ 11 www-data www-data 4.0K Dec 5 10:34 pma.example.com/
drwxrwsr-x+ 3 www-data www-data 4.0K Dec 5 11:49 www.example.com/
lrwxrwxrwx. 1 www-data www-data 18 Dec 5 09:56 secure.example.com -> www.example.com/
Im sorry for the bulk, but i thought better too much than too little.
Here are the configuration files:
/etc/nginx/nginx.conf
user www-data www-data;
worker_processes 1;
error_log /var/log/nginx/error.log;
#error_log /var/log/nginx/error.log notice;
#error_log /var/log/nginx/error.log info;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
keepalive_timeout 65;
include /etc/nginx/sites-enabled/*;
}
/etc/nginx/sites-enabled/secure.example.com
server {
listen 80;
server_name secure.example.com;
return 301 https://$host$request_uri;
}
server {
listen 443;
server_name secure.example.com;
access_log /var/log/nginx/secure.example.com.access.log;
error_log /var/log/nginx/secure.example.com.error.log;
root /srv/http/secure.example.com;
include /etc/nginx/ssl/secure.example.com.conf;
include /etc/nginx/conf.d/index.conf;
include /etc/nginx/conf.d/php-ssl.conf;
autoindex off;
location /pma/ {
alias /srv/http/pma.example.com;
}
location /mda/ {
alias /srv/http/mda.example.com;
}
}
/etc/nginx/ssl/secure.example.com.conf
ssl on;
ssl_certificate /etc/nginx/ssl/secure.example.com.crt;
ssl_certificate_key /etc/nginx/ssl/secure.example.com.key;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
/etc/nginx/conf.d/index.conf
index index.php index.html index.htm;
/etc/nginx/conf.d/php-ssl.conf
location ~ \.php$ {
try_files $uri =404;
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
fastcgi_param HTTPS on;
fastcgi_param SCRIPT_FILENAME $request_filename;
include fastcgi_params;
}
/var/log/nginx/secure.example.com.error.log
2013/12/05 22:49:04 [error] 29291#0: *2 directory index of "/srv/http/pma.example.com" is forbidden, client: 176.199.78.88, server: secure.example.com, request: "GET /pma/ HTTP/1.1", host: "secure.example.com"
EDIT: forgot to mention, i'm running CentOS 6.4 x86_64 and nginx 1.0.15
Thanks in advance!
Best Answer
You have your /pma and /mda in a non standard location (for CentOS) in
/srv/http
the problems you're seeing could be related to SELinux.A quick test is to configure SELinux for permissive mode
Test to see if your pages work correctly. If they do then you need to configure the correct context for
/srv/http
Test again and hopefully you're good to go.