Nginx app entrence forbidden although DB and CMS synced and DR dir permissions set


#1

Disclaimer: I’m not sure it’s associated with Certbot, but really think it might be.

On Ubuntu 16.04 with Bash I’ve established LEMP and I can’t access a WordPress app from browser although DB data is according (as I recall), and document root app dir has the right permissions (see below).

Nginx conf

WordPress app wp-config.php

This is the only part I changed in wp-config.php:

define('DB_NAME', 'example.com');
define('DB_USER', 'example.com');
define('DB_PASSWORD', 'example.password');

My resets before testing

chown -R www-data:www-data "$drt"/
chmod -R a-x,a=rX,u+w "$drt"/
systemctl restart nginx.service
/etc/init.d/php*-fpm restart

$drt means document root (/var/www/html).

Nginx logs

I checked all three Nginx logs (-t,access and error). The first two logs outputs nothing, but error outputs this:

directory index of “/var/www/html/example.com/” is forbidden

Current state

I get “entrance forbidden” when navigating to my domain in the browser.

Desired state

Entrance permitted.

My question

Why is the entrance forbidden, given the above data? What I miss?

I wonder if it might be associated somehow with configuration by Certbot.

Notes:

  1. This problem is unique to the WordPress app. It doesn’t happen with the non-HTTPS, PHPmyadmin app.
  2. The DB user and the DB name of the WordPress app are identical to one another and also identical to the app’s dir name.

#2

Hi,

Can you please share the Nginx config for your virtual host & the user Nginx registered to? (for exmp. Nginx:nginx or www-data:www-data)

Thank you.


#3

I shared all 3 Nginx confs above (nginx.conf, default and virtual host conf) as well as the user Nginx listens to (please review “My resets before testing” chapter).


#4

Hi,

Can you try to execute the following command as root (sudo user)?
chown -R nginx:nginx /var/www/html
sudo chmod -R u+rwX,go+rX,go-w /var/www/html

This might solve your errror if that’s a directory issue.

Thank you


#5

Sadly it doesn’t solve it.


#6

The nginx server directive that is listening on 443 is missing all of:

  1. root index.php index.html;
  2. The part of the configuration that passes the requests from nginx to the PHP FCGI backend (as shown in one of your links).
  3. The try_files directive.

If you want the HTTPS server to behave the same way, it has to be configured the same way.

Certbot appears to have generated some nonsensical configuration, that’s for sure.


#7

Solution published here:


#8

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.