Nginx displaying failed (13: Permission denied) when trying to access new site
I am trying to set up my own web server to learn a bit more about server admin.
I have decided that I want to serve each sites files from a public_html
folder inside the users /home directory.
I have installed Nginx, edited the nginx.conf and changed the username / group to nginx.
I have added a new user for the new site and changed the vhosts file to look like so;
server {
listen 80;
listen [::]:80;
server_name website.com www.website.com;
root /home/website/public_html;
index index.html index.htm index.php;
location / {
try_files $uri $uri/ =404;
}
location ~* \.php$ {
fastcgi_pass unix:/var/run/php-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
But when I try and get to the site, it returns a 404 Not Found.
When I check the error log, I am seeing the following errors;
2019/01/02 19:49:45 [crit] 18248#0: *1 stat() "/home/website/public_html/" failed (13: Permission denied)
Any chance someone has come across this before and could tell me how to handle it?
I have had a look around and saw some posts about getenforce, but when i run it, it says Disabled
.
I am using CentOS7 if that makes any difference.
Cheers,
Following the guide from this website did it for me (as root):
setsebool -P httpd_enable_homedirs 1
setenforce 0
systemctl restart nginx
systemctl daemon-reload
It is your home directory permission that is denying access to nginx.
Try:
ls -ld /home/website
then
setfacl -R -m u:nginx:rwx /home/website
Or
chown -R nginx:nginx /home/website
chmod 655 /home/website
The solution for me was to set the /home/user/public_html
permissions to 755. By default, it was being created with 751 permissions. This was blocking the nginx user from being able to 'read' it. Certain web hosting panels like VestaCP, CPanel, and others may inadvertently do this when adding a new site through their interface.
Solution:
sudo chmod 755 ~/public_html
(adjust path to your public_html folder)