子域名中的 Nginx:如果索引为 .html 则出现错误 403 禁止下载,如果索引为 .php 则下载

子域名中的 Nginx:如果索引为 .html 则出现错误 403 禁止下载,如果索引为 .php 则下载

它只发生在我的子域中,在其余部分它运行良好:

如果索引的扩展名是 htm 或 html,则会出现错误:

“403 禁止”

如果索引其扩展名是 php 则尝试下载。

/srv/www 内的权限对于所有子域都是相同的,并且它们可以正常工作。

我把配置conf:

server {
            ## Escucha en el puerto 80 (HTTP)
            listen 80;

            server_name musica.domain.com;

            location / {
                    return 301 https://$server_name$request_uri;
            }
}


server {
    ## Escucha en el puerto 443 (HTTPS)
    listen 443 ssl http2;

    server_name musica.domain.com;

    ## Certificados
    ssl_certificate /etc/letsencrypt/live/musica.domain.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/musica.domain.com/privkey.pem;
    include snippets/ssl-params.conf;

    access_log  /var/log/nginx/musica_access.log;
    error_log   /var/log/nginx/musica_error.log;

    root /srv/www/sonerezh;

    index index.html index.htm index.php;

    location ~ /.well-known {
            allow all;
    }

    location / {
#              try_files $uri $uri/ /index.php?$args;
    }

    location ~ \.php$ {
            fastcgi_split_path_info ^(.+\.php)(/.+)$;
            fastcgi_pass unix:/var/run/php/musica.sock;
            #fastcgi_param PATH_TRANSLATED $document_root$fastcgi_script_name;
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
            fastcgi_index index.php;
            include fastcgi_params;
    }
}

nginx -T命令显示您实际上正在读取子域配置文件。

子域名访问日志:

195.16.143.6 - - [01/Jun/2017:09:16:29 +0200] "GET /favicon.ico HTTP/1.1" 404 143 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:53.0) Gecko/20100101 Firefox/53.0"
195.16.143.6 - - [01/Jun/2017:09:17:26 +0200] "GET / HTTP/1.1" 200 90 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:53.0) Gecko/20100101 Firefox/53.0"
195.16.143.6 - - [01/Jun/2017:10:09:59 +0200] "GET / HTTP/1.1" 200 90 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:53.0) Gecko/20100101 Firefox/53.0"
195.16.143.6 - - [01/Jun/2017:10:10:37 +0200] "GET / HTTP/1.1" 403 143 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:53.0) Gecko/20100101 Firefox/53.0"

子域名错误日志:

2017/06/01 09:16:29 [error] 3464#3464: *2295 open() "/srv/www/sonerezh/favicon.ico" failed (2: No such file or directory), client: 195.16.143.6, server: musica.domain.com, request: "GET /favicon.ico HTTP/1.1", host: "musica.domain.com"
2017/06/01 09:16:29 [error] 3464#3464: *2295 open() "/srv/www/sonerezh/favicon.ico" failed (2: No such file or directory), client: 195.16.143.6, server: musica.domain.com, request: "GET /favicon.ico HTTP/1.1", host: "musica.domain.com"
2017/06/01 10:10:37 [error] 3466#3466: *2350 directory index of "/srv/www/sonerezh/" is forbidden, client: 195.16.143.6, server: musica.domain.com, request: "GET / HTTP/1.1", host: "musica.domain.com"

nginx.conf

user bichomen bichomen;

worker_processes auto;
worker_rlimit_nofile 2048;
#pcre_jit on;

pid /var/run/nginx.pid;

#                        [ debug | info | notice | warn | error | crit ]

error_log  /var/log/nginx.error_log  info;

events {
    worker_connections   2000;

    # use [ kqueue | epoll | /dev/poll | select | poll ];
    # use poll;
}


http {
    include mime.types;
    default_type application/octet-stream;


    log_format main      '$remote_addr - $remote_user [$time_local] '
                         '"$request" $status $bytes_sent '
                         '"$http_referer" "$http_user_agent" '
                         '"$gzip_ratio"';

    log_format download  '$remote_addr - $remote_user [$time_local] '
                         '"$request" $status $bytes_sent '
                         '"$http_referer" "$http_user_agent" '
                         '"$http_range" "$sent_http_content_range"';

    client_header_timeout  3m;
    client_body_timeout    3m;
    send_timeout           3m;

    client_header_buffer_size    1k;
    large_client_header_buffers  4 4k;

    gzip on;
    gzip_min_length  1100;
    gzip_buffers     4 8k;
    gzip_types       text/plain;

    output_buffers   1 32k;
    postpone_output  1460;

    sendfile         on;
    tcp_nopush       on;
    tcp_nodelay      on;
    send_lowat       12000;

    keepalive_timeout  75 20;

    #lingering_time     30;
    #lingering_timeout  10;
    #reset_timedout_connection  on;

    include sites-enabled/*.conf;
}

权限:

$ ls -l /srv/www/
drwxr-x--x  4 bichomen bichomen 4096 Jun  1 10:10 sonerezh

$ ls -l /srv/www/sonerezh/
-rw-rw-r-- 1 bichomen bichomen  90 Jun  1 09:15 index.html

使用 index.html

使用 index.php

答案1

已经解决了安装 nginx 时遇到的所有问题:

https://github.com/Sonerezh/sonerezh/issues/305

相关内容