Hi, nice to meet you.This is my first post.
Regarding CentOS 7 nginx (1.14.0) running on VPS, 403 was returned and the cause was not known.
If the document route is set to the default "/usr/share/nginx/html", the "Welcome!" page will be displayed, but if you change the document route to "/usr/share/nginx/www", it will be rejected at 403.
Both directories are empty.
ls-l/usr/share/nginx/
drwxr-x.2 root root38 May 15 23:06 html
drwxr-xr-x.2 root root6 May 1601:29 www
ls-Z/usr/share/nginx/
drwxr-xr-x.root root system_u:object_r:httpd_sys_content_t:s0html
drwxr-xr-x.root root unconfined_u:object_r:usr_t:s0www
getenforce
Permissive
The only changes in the conf file are the document root portion of /etc/nginx/conf.d/default.conf.I have not set php at all.Commenting out as default.
Also, there is nothing wrong with "sudonginx-t".
Please help me solve the problem.
centos nginx selinux
You may want to place the file specified in index (such as index.html) or set autoindex on;.
The following is the result of executing the command "ls-Z/usr/share/nginx/" in the question:
drwxr-xr-x.root root system_u:object_r:httpd_sys_content_t:s0html
drwxr-xr-x.root root unconfined_u:object_r:usr_t:s0www
What we're going to find is
1) The html directory has a SELinux context called "httpd_sys_content_t", which is accessible from the web server (httpd).
2) The www directory does not have a SELinux context of "httpd_sys_content_t", so it cannot be accessed from the web server (httpd).
This means that it is set to
This makes the difference between viewing a file under the directory when accessed by a web server or being rejected with a 403 error.
=Measures =
Resolve the "No SELinux context named "httpd_sys_content_t" to resolve the issue.
Specifically, use the "chcon" command to change the SELinux context.
(See chcon help, etc.)
© 2024 OneMinuteCode. All rights reserved.