403 Forbidden Centos 6.8 Wordpress


#1

After I configures my ssl and installed it, I tried to access my website “www.murphygames.com” and an error message appeared saying “403 Forbidden”.

This is the error message in error.log:

2017/03/03 21:29:30 [error] 1756#1756: *1 directory index of “/usr/share/nginx/html/” is forbidden, client: 88.207.138.68, server: murphygames.com, request: “GET / HTTP/1.1”, host: “murphygames.com

Default.conf
server {
listen 80;
server_name localhost;

#charset koi8-r;
#access_log  /var/log/nginx/log/host.access.log  main;

location / {
    root   /var/www/html;
    index  index.php index.html index.htm;
}

#error_page  404              /404.html;

# redirect server error pages to the static page /50x.html
#
error_page   500 502 503 504  /50x.html;
location = /50x.html {
    root   /usr/share/nginx/html;
}

# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
#    proxy_pass   http://127.0.0.1;
#}

# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
#    root           html;
#    fastcgi_pass   127.0.0.1:9000;
#    fastcgi_index  index.php;
#    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
#    include        fastcgi_params;
#}

# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
#    deny  all;
#}

}

ssl.conf

server {
listen 443 http2 ssl;

    server_name murphygames.com www.murphygames.com;

    ssl_certificate /etc/letsencrypt/live/murphygames.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/murphygames.com/privkey.pem;

    ########################################################################
    # from https://cipherli.st/                                            #
    # and https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html #
    ########################################################################

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;
    ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
    ssl_ecdh_curve secp384r1;
    ssl_session_cache shared:SSL:10m;
    
    ssl_stapling on;
    ssl_stapling_verify on;
    resolver 8.8.8.8 8.8.4.4 valid=300s;
    resolver_timeout 5s;
    # Disable preloading HSTS for now.  You can use the commented out header line that includes
    # the "preload" directive if you understand the implications.
    #add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";
    add_header Strict-Transport-Security "max-age=63072000; includeSubdomains";
    add_header X-Frame-Options DENY;
    add_header X-Content-Type-Options nosniff;

    ##################################
    # END https://cipherli.st/ BLOCK #
    ##################################

    ssl_dhparam /etc/ssl/certs/dhparam.pem;

    location ~ /.well-known {
            allow all;
    }

    # The rest of your server block
    root /usr/share/nginx/html;
    index index.html index.htm;

    location / {
            # First attempt to serve request as file, then
            # as directory, then fall back to displaying a 404.
            try_files $uri $uri/ =404;
    }

}

Anyone know how to fix it? :slight_smile:


#2

https://www.scalescale.com/tips/nginx/403-forbidden-nginx/


#3

I tried the things listed on the site (not sure if I did them the right way though) and I still get the error.


#4

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.