Nginx serve static file and got 403 forbidden
You should give nginx permissions to read the file. That means you should give the user that runs the nginx process permissions to read the file.
This user that runs the nginx process is configurable with the user
directive in the nginx config, usually located somewhere on the top of nginx.conf
:
user www-data
http://wiki.nginx.org/CoreModule#user
The second argument you give to user
is the group, but if you don't specify it, it uses the same one as the user, so in my example the user and the group both are www-data
.
Now the files you want to serve with nginx should have the correct permissions. Nginx should have permissions to read the files. You can give the group www-data
read permissions to a file like this:
chown :www-data my-file.html
http://linux.die.net/man/1/chown
with chown
you can change the user and group owner of a file. In this command I only change the group, if you would change the user too you would specify the username BEFORE the colon, like chown www-data:www-data my-file.html
. But setting the group permissions correct should be enough for nginx to be able to read the file.
Since Nginx is handling the static files directly, it needs access to the appropriate directories. We need to give it executable permissions for our home directory.
The safest way to do this is to add the Nginx user to our own user group. We can then add the executable permission to the group owners of our home directory, giving just enough access for Nginx to serve the files:
CentOS / Fedora
sudo usermod -a -G your_user nginx
chmod 710 /home/your_user
Set SELinux to globally permissive mode, run:
sudo setenforce 0
for more info, please visit https://www.nginx.com/blog/using-nginx-plus-with-selinux/
Ubuntu / Debian
sudo usermod -a -G your_user www-data
sudo chown -R :www-data /path/to/your/static/folder
for accepted answer
sudo chown -R :www-data static_folder
for changing group owner of all files in that folder