If you have experience working with web servers, then you know that certain situations can lead to errors. One of the most frustrating errors that you may encounter is a 403 Forbidden Nginx Error.
Encountering a 403 Forbidden Nginx Error can prevent you from accessing the resources you need, and it can be a challenge to diagnose and fix. If you happen to encounter this error, it’s important to address it promptly to avoid any potential data loss or website downtime.
It can be difficult to understand what’s causing a 403 Forbidden error in Nginx, and even more challenging to figure out how to resolve it.
However, there’s no need to worry – in this article, we’ll cover everything you need to know about 403 Forbidden errors in Nginx. We’ll provide comprehensive information on what these errors are, how to fix them, and how to prevent them from occurring in the future.
Let us get started then!
The 403 Forbidden Nginx Error is a status code that is typically triggered and displayed to the user when a client, usually a web browser, attempts to access web server resources without sufficient permissions.
In simple terms, this means that the server has denied the request made by the client, and the client is not permitted to access the requested resource.
Read: 🚩 How to Fix WordPress 403 Forbidden Error? [9 Quick Fixes]
Understanding the Basics of HTTP Status Codes
To really understand the 403 Forbidden Nginx error, it’s helpful to have a basic understanding of HTTP status codes. These are three-digit numbers that indicate the status of the request-response cycle between the client and the server.
There are five main categories of HTTP status codes, ranging from informational (100-199) to server errors (500-599). To learn more, you can check out our dedicated blog by clicking on the link below:
Read: 🚩 A Complete Guide to Understanding HTTP Status Codes
How Does Nginx Handle 403 Forbidden Errors?
Now that we know what a 403 Forbidden Nginx error is, let’s talk about how Nginx handles it. When Nginx encounters a 403 Forbidden error, it will typically display a simple message to the user that says “403 Forbidden” or “Access Denied.” This message is generated by the server and can be customized by the website owner if desired.
What are the common Causes of 403 Forbidden Nginx Error?
Let’s take a closer look at the common causes of 403 Forbidden Errors in Nginx. Identifying the culprit can help you proceed with fixing the issue accordingly. These errors can be a real hassle to deal with and they always seem to happen at the most inconvenient times.
Additionally, before we proceed further, it is important to clarify that, this error can be caused by either the client side or the server side. It is not always the case that the server is the culprit.
Server-side errors
- Incorrect file Permissions
- Misconfigured Server Settings
- URL or directory structure
- Server and Firewall issue
Client-side errors
- Server and Firewall issues
- Browser issues
- Accessing the wrong web location
Now, let us check them out in detail,
Incorrect file Permissions
Incorrect file permissions can be a common issue that leads to a 403 Forbidden Nginx error. This can happen when the server doesn’t have the necessary permissions to access a file or directory. It could be that the server user doesn’t have the right ownership or group permissions to access the file, or that the file permissions themselves are set incorrectly.
Misconfigured Server Settings
Issues with the Nginx configuration files can also lead to a 403 Forbidden Nginx error. This could happen if the configuration files are missing, incomplete, or have incorrect settings, such as security settings that prevent access to certain resources. This is often the case if you have recently made changes to your Nginx configuration or if you have recently migrated to a new server.
Incorrect URL or Directory Structure
Another cause of a 403 Forbidden Nginx error is related to problems with the URL or directory structure. This could happen if the user is trying to access a resource that no longer exists or has been moved to a different location. It could also be due to a misconfiguration of the server that causes it to look in the wrong location for the resource.
Server and Firewall issues
Finally, server and firewall issues can sometimes cause a 403 Forbidden Nginx error. For instance, the server could be experiencing high traffic volumes, leading to errors or it could be due to firewall settings that block access to certain resources. In such cases, it’s important to check the server logs to determine the root cause of the issue.
How to Fix 403 Forbidden Nginx Error on Your Site?
If you’re experiencing a 403 Forbidden error in Nginx, there are several steps you can take to troubleshoot the issue. Let us chem them out one by one.
Here is the list of troubleshooting methods:
- Incorrect configuration for the index file
- Check File Permissions
- Verify Nginx configuration
- Restart Nginx
- Check for IP-based restrictions
- Check Your Firewalls and Proxy
- Clear your Browser’s Cache
- Check web location
- Contact the website admin
1. Incorrect configuration for the index file
One of the most common reasons that cause 403 Forbidden Nginx errors is the incorrect configuration for the index file.
The index file is the file that Nginx serves to the client when the client requests the root URL of a website or directory. This file follows specific rules that determine which index file to load and in what order. By default, Nginx looks for files named “index.html”, “index.htm”, “index.php”, or “index.cgi” to serve as the index file.
So, you need to define index files into the location directive as shown below:
location / {
index index.html index.htm index.html inde.php;
}
If none of the mentioned files are found in the directory, the Nginx will return a 403 forbidden error.
2. Check File Permissions
The first thing you should check is the file permissions for the resource you are trying to access. If the file or directory doesn’t have the correct permissions, Nginx won’t be able to serve it to you.
To ensure that Nginx can serve specific files and resources to clients, it is necessary to have the appropriate read, write, and execute (RWX) permissions on the entire path. If the permissions are incorrect, it can result in a 403 Forbidden Nginx error.
To fix this issue, you have to change the directory Permissions to 755 and change the file Permissions to 644. In addition to it make sure if you are running Nginx must own the files as well.
sudo chown -R www-data:www-data *
sudo chmod 755 {dir}
sudo chmod 644 {files}
3. Verify Nginx configuration
The Nginx configuration file can contain errors that cause the 403 Forbidden Nginx error. To check the configuration file, run the command:
sudo nginx -t
This command tests the configuration file and reports any errors. If there are errors, fix them before restarting Nginx.
4. Restart Nginx
If you have made any changes to the Nginx configuration file, you need to restart Nginx to apply the changes. Use the command following command to restart Nginx.
sudo systemctl restart nginx
5. Check for IP-based restrictions
Nginx can block requests from certain IP addresses. To check if your IP address is being blocked, use the command
sudo tail -f /var/log/nginx/error.log
This command shows the Nginx error log in real-time. If your IP address is being blocked, you can add it to the “allow” list in the Nginx configuration file. For example,
location / {
deny 124.33.126.127;
allow 55.159.63.90/24;
deny all;
}
6. Check Your Firewalls and Proxy
To access a web resource, ensure the firewall or proxy isn’t blocking it. Configure settings to allow traffic, add exceptions, or adjust security settings as needed. This way, users can access the resources they need without any restrictions.
7. Clear your Browser’s Cache
Clearing the browser cache can fix a 403 Forbidden Nginx error caused by an outdated or corrupted cache. It forces the browser to download fresh resources from the website, resolving the issue.
If this error is triggered due to a cache-related issue, clearing your browser’s cookies and cache memory can help. Here are the steps you can follow:
Note: Since Chrome has a major Browser market share, here we will be using Chrome for this tutorial.
Step 1: Depending on your browser, navigate to the settings menu. In Google Chrome, you can click on the three vertical dots in the upper right corner of the window.
Step 2: Select “More tools” and Click on “Clear browsing data“.
Step 3: A pop-up window will open on which, you can select all three options under the “Basic” section as shown in the picture below. These options are “Browsing history“, “Cookies and other site data“, and “Cached images and files“.
Step 4: Click on “Clear data” to initiate the process.
8. Check web location
When attempting to access a website or web resource, it’s essential to ensure that you are accessing the correct location on the web. This can involve double-checking the URL or web address to ensure that it is spelled correctly and accurately reflects the desired resource.
If the URL or web address is incorrect, You may be directed to a different location on the web, which can result in errors or prevent us from accessing the desired resource altogether
9. Contact the website admin
If none of the above solutions work, contact the website administrator to see if there are any server-side issues that are causing the error. The website administrator may be able to provide more information about the cause of the error and how to fix it.
How to prevent 403 Forbidden Nginx Error?
The best way to deal with 403 Forbidden Nginx errors is to prevent them from occurring in the first place. Some of the best ways to do this include,
- Using access controls and authentication
- Setting appropriate file and directory permissions
- Implementing SSL/TLS certificates
- Monitoring Server health and performance
- Staying up to date with Nginx Updates and patches.
Conclusion
Encountering a 403 Forbidden Nginx error can be frustrating, but with the right approach, it can be easily fixed. This error can happen due to numerous reasons, but they all mean the same thing – that you have been denied access to the resource you requested.
So whenever you encounter this error, try to understand what’s causing it first. To make things easier, it would be great if you check the error logs first before attempting any troubleshooting methods.
Read: 🚩 You can also read our complete guide on How to access and set up WordPress error logs?
If you have any queries or would like to add any valuable points to it, please do let us know in the comment section below.
Frequently Asked Questions
How do I fix 403 Forbidden Nginx?
Here is the list of complete troubleshooting methods:
1. Incorrect configuration for the index file
2. Check File Permissions
3. Verify Nginx configuration
4. Restart Nginx
5. Check for IP-based restrictions
6. Check Your Firewalls and Proxy
7. Clear your Browser’s Cache
8. Check the web location
9. Contact the website admin
What is error 403 in nginx?
Error 403 in Nginx refers to a “Forbidden” error, which occurs when a user attempts to access a web page or resource that they do not have permission to access. This can happen due to various reasons, such as an incorrect file or directory permissions, IP blocking, or authentication issues.
What causes 403 Forbidden?
The 403 Forbidden can happen due to a variety of reasons, some of the most common causes are listed below:
1. Incorrect File Permissions
2. No Index file or Empty Folder
💡
«403 Forbidden» is the most common error when working with NGINX . In this article, we will cover the causes of 403 forbidden NGINX, as well as how to find its cause and fix the underlying problem.
About the error
«403 Forbidden» is a generic NGINX error that indicates that you have requested something and NGINX ( for a number of reasons ) cannot provide it. «403″ is an HTTP status code that means the web server has received and understood your request, but is unable to take any further action. Below I have shared possible reasons and their solutions.
Missing NGINX configuration file
By default, NGINX configuration files are located in the /etc/nginx folder . If you browse this directory, you will find several configuration files for various server modules.
The main configuration file is /etc/nginx/nginx.conf . It contains the main directives for NGINX and is the equivalent of Apache’s httpd.conf file .
To edit this file, use the command:
CentOS 8: sudo nano /etc/nginx/conf.d/test.example.com.conf
Ubuntu 22.04: sudo nano /etc/nginx/sites-available/test.example.com.confInvalid index file
One of the most common causes of the 403 forbidden NGINX error is an incorrect index file setup.
nginx.conf specifies which index files should be loaded, and in what order. For example, the line below tells NGINX to look for index.html , then index.htm , then index.php :
index index.html index.htm index.php;If none of these three files are found in the directory, NGINX will return a «403 Forbidden» error .
💡
Note. File names are case sensitive. If nginx.conf specifies index.html and the file is named Index.html , it will result in a «403 Forbidden» error .
If you want to use an index filename that your NGINX web server does not recognize, edit nginx.conf and add the filename to the index configuration line.
For example, to add index.py to the list of recognized index files, edit this line as follows:
index index.html index.htm index.php index.py;Save your changes and then restart NGINX with the command:
sudo nginx -s reloadAuto index
An alternative solution is to resolve the directory index. Directory index means that if the index file is not found, the server will display the entire contents of the directory.
For security reasons, the directory index in NGINX is disabled by default.
With «403 forbidden NGINX«, if you want to show the directory index in situations where NGINX cannot find ( identify ) the file, edit nginx.conf as described above and add the following two directives to it:
Autoindex on;
Autoindex_exact_size off;These directives must be added to the location block . You can either add them to an existing location/ block or add a new one. The final result should look like this:
location / {
[pre-existing configurations, if applicable]
autoindex on;
autoindex_exact_size off;
}You can also enable directory indexing in a specific folder if you don’t want it to be available for the entire site:
location /myfiles {
autoindex on;
autoindex_exact_size off;
}Save the changes to the file, then restart NGINX with the command:
sudo nginx -s reloadFile permissions
Incorrect file permissions are another reason for the «403 Forbidden NGINX» error. For use with NGINX , the recommended default setting is 755 for directories and 644 for files . The NGINX user must also be the owner of the files.
NGINX User Authentication
First you need to determine which user is running NGINX . To do this, use the command:
ps -ef | grep nginxIn this example, the NGINX worker process is running as the nginx user .
Set File Ownership
Go one level up from the site’s document root directory. For example, if your site’s root directory is /usr/share/nginx/example.com , navigate to /usr/share/nginx with the command:
cd /usr/share/nginxChange the ownership of all files in the lower level directories to the nginx user with the command:
sudo chown -R nginx:nginx *Set permissions
403 forbidden NGINX — Set the permissions for each directory to 755 with the command:
sudo chmod 755 [directory name]
For example, to set permissions for the example.com directory , use the command:
sudo chmod 755 example.comThen change to the web document’s root directory:
sudo chmod 755 example.comChange the permissions for all files in this directory with the command:
sudo chmod 644 *The solutions described above are helpful in the vast majority of cases. I hope they are beneficial to you.
Thanks!
- NGINX
- Linux
When dealing with servers and web resources, we encounter errors that we cause when performing maintenance and configurations. When you encounter such errors, you need to diagnose and fix the problem as fast as possible to avoid downtime and data loss.
This quick guide will address a common error when working with NGINX servers (403 Forbidden), its causes, and how to fix it.
What is the Nginx 403 Error?
Nginx 403 Forbidden error is a status code generated and displayed to the user when a client tries to access a part of the webserver with insufficient permissions. For example, NGINX protects directory listing and will result in an error 403.
Server Side Causes of Nginx 403 Error
Before we get started, it is good to note that the error can come from the client-side and not the server itself. We shall address the server-side errors first, then client-side errors.
Cause 1: Incorrect Index File
The very first and common cause of the NGINX 403 Forbidden error is an incorrect configuration for the index file.
The Nginx configuration file specifies which index files to load and the order in which to load them. However, if the specified index files are not in the directory, Nginx will return 403 forbidden error.
For example, the config below defines the index files and how they should be loaded
location / {
index index.html index.htm index.html inde.php;
}
One way to resolve this issue is to add the index file specified in the configuration file or add the available index file to the config file.
Another way to solve this issue is to allow Nginx to list directories if the index file is unavailable. Enable this module by adding the following entry to the configuration file.
location / {
autoindex on;
autoindex_exact_size on;
}
NOTE: We do not recommend this method on publicly accessible servers.
For more information on how to serve static content, consider the Nginx documentation resource provided below:
https://docs.nginx.com/nginx/admin-guide/web-server/serving-static-content/
Cause 2: Incorrectly set permissions
Nginx 403 forbidden error can also result from files and directories having incorrectly set permissions. For Nginx to successfully server a specific file and resource to the client, Nginx needs to have RWX—read, write and execute—permissions on the entire path.
To resolve this error, change the directories permission to 755 and the file permissions to 644. Ensure that the user running the Nginx process owns the files. For example, set user to www-data:
sudo chown -R www-data:www-data *
Finally, set the directory and file permissions as:
sudo chmod 755 {dir}
sudo chmod 644 {files}
Client-Side Cause of Error 403
As mention, at other times, the 403 error may user-caused instead of being on the server-side. To resolve such issues on the client-side, perform the following operations.
- Ensure you are accessing the correct web location
- Clear browser cache
- Ensure the firewall or proxy allows you to access the web resource.
Conclusion
This quick guide discussed the causes of the NGIX 403 forbidden error and various ways to fix it. It is good to look at the server logs before attempting any troubleshooting methods.
About the author
My name is John and am a fellow geek like you. I am passionate about all things computers from Hardware, Operating systems to Programming. My dream is to share my knowledge with the world and help out fellow geeks. Follow my content by subscribing to LinuxHint mailing list
- About 403 Error
- 4 Ways Fix 403 Forbidden Error+−
- 1. Wrong Directory or File permissions
- 2. Incorrect Index File
- 3. Directory restrictions by IP
- 4. No index files
- Additional Resources
The 403 Forbidden error is the most common error encountered while working on Nginx web server. But most of the time, it is not related to Nginx itself. 403 Forbidden error means that you don’t have permission to access certain directory or a web page. This error can be caused due to many reason. And in this article we will identify the source of the error and then we will learn how to Fix it.
About 403 Error
Let’s understand “403 Forbidden” error in details.
“403 Forbidden” is an error which indicates that you have requested for something that NGINX cannot deliver. This error is actually an HTTP status code which simply means that the web server has received and understood the request which is made, but cannot process further.
4 Ways Fix 403 Forbidden Error
1. Wrong Directory or File permissions
Incorrect file permissions are one of the most common cause of this “403 Forbidden” error. In case of NGINX, the standard permission settings for directories and and file are 755 and 644 respectively. Moreover, the NGINX user also needs to be the owner of the directory and files.
Identify the NGINX User
To begin, we first need to identify the NGINX user. To check the user, run:
ps -ef | grep nginx
Output:
userwv+ 6016 26683 0 19:28 ttyS0 00:00:00 grep --color=auto nginx root 26734 1 0 Mar20 ? 00:00:00 nginx: master process /usr/sbin; www-data 26739 26734 0 Mar20 ? 00:01:53 nginx: worker process
In our case, we can identify the NGINX worker processe in the third row of the first column.
We can see that the NGINX worker process is running as the user www-data.
Set File Ownership
Since we already know that the standard permission for the directory in case of Nginx is 755 and that of the file is 644. We need to set the file ownership.
For example, if the root folder of your website is /var/www/html/example.com/public_html/, run:
sudo chown -R www-data:www-data /var/www/html/example.com/public_html/
Set Directory Permissions
Now we need to set 755 permissions on each directory in this location.
sudo chmod 755 [directory name]
In our case, we need to set permission on example.com directory. To achieve that, run:
sudo chmod 755 example.com
Now, navigate to the root directory of the website by running:
cd example.com
Now change the file permission to 644 by running:
sudo chmod 644 *
2. Incorrect Index File
The “403 Forbidden” error can appear if the index file is not set properly.
Navigate to the NGINX configuration file and check whether you have updated correct index file or not. To do that, open our NGINX configuration file for example.com, by running:
sudo vim /etc/nginx/sites-available/example.com
For example, if you’re running a WordPress based website, inside the server block your index should be:
index index.php;
If you’re running an HTML based website, your default file must contain .html extension. e.g.,
index index.html;
Chances are there that you might have forgotten to add this line inside the server block. If you have included this line of code, you must check whether you have spelled it correctly or not.
Moreover, you also must keep in mind that these file names are case-sensitive. If the default file name is index.html but the file is named mentioned in NGINX configuration is Index.html, this will throw “403 Forbidden” error.
If you are running some web application that NGINX is not able to recognize, you can edit configuration file and add the file extension.
For example, if you’re running a python based application, you can add index.py to the list of recognized index files:
index index.py;
In case you’re running a web application that uses multiple programming languages, you can add:
index index.php index.html index.py;
Now, update the changes in the configuration file and restart NGINX by running:
sudo nginx -s reload
or
sudo service nginx restart
Autoindex
It is an alternative solution which is useful if you don’t have any index file or no index file is found by NGINX.
The the server will scan and list all of the contents of your website’s root directory by autoindex method. But for security reasons, the directory index is turned off in NGINX by default.
You can turn on this feature by just adjusting a few lines of code. You just need to turn on and turn of the autoindex and autoindex_exact_size respectively.
autoindex on; autoindex_exact_size off;
Now you can add these configurations to the location block. The final result will look like:
location / {
[pre-existing configurations, if applicable]
autoindex on;
autoindex_exact_size off;
}
To activate the directory indexing for some other directories, you can add the forward slash (/) and then the name of the directory. For example:
location /some_directory {
autoindex on;
autoindex_exact_size off;
}
Now, save the changes and reload the NGINX.
sudo nginx -s reload
3. Directory restrictions by IP
Inside your nginx.conf file, check if you have applied allow/deny rule that may be blocking your network. For example:
location / {
# block Oxygen's Computer.
deny 192.168.1.1;
# allow anyone else in 192.168.1.0/24
allow 192.168.1.0/24;
# drop rest of the connections
deny all;
}
4. No index files
This could be a silliest mistake if you don’t have any file name as ‘index (index.php, index.html, index.py)’ inside the root directory of your website. This could also be a reason that your website is throwing a 403 Forbidden Error.
Additional Resources
- HTTP Status Codes on W3C
You might also want to check some other fixes:
- Error Establishing a Database Connection in WordPress Fix
- Fix 502 Bad Gateway Nginx Error in Ubuntu
- Fix: 504 Gateway Timeout Nginx Error
- PHP5-FPM 502 Bad Gateway Error (connect() to unix:/var/run/php5-fpm.sock failed (2: No such file or directory)
- Your PHP installation appears to be missing the MySQL extension which is required by WordPress
I hope you these 4 ways will help you to Fix 403 Forbidden Error.
Which of these ways helped you get rid of this error? Let us know in the comment section below.
What does “403 forbidden” in Nginx mean?
403 forbidden in the Nginx web server means “a requested resource could not be served”. It could be intentional or unintentional. It is not en error but an HTTP status which occurs in the following cases:
- The user has blocked the resources or site as a whole.
- The user tries to access the file set to access internally.
- The user tries to access the resource that has invalid ownership or permissions.
- The user tries to access a directory but “autoindex” is set to “off”. (Not recommended)
If you are sure that issue number 1 and 2 is not the case, then definitely there is either file permission issue or for the following resource the autoindex is set to off.
How to fix 403 forbidden Nginx?
To get rid of the 403 forbidden problems from Nginx, you need to check for the following.
0. Pre-checks
Correct the index file. In your Nginx configuration file under server block. Whatever file you want to serve by default must be addressed in the index configs.
For example, for PHP file just add index.php after index directive.
index index.html index.htm index.php;
If the above settings are correct then proceed ahead.
1. Get the right Owners & Permissions
99% of the time issue is invalid owners or permissions. Correcting them quickly fixes the problem.
Correct the file Owners
In cases where you host a website or run an application, 403 forbidden Nginx error is common due to invalid ownership of the directory and their files. You can correct it by using below or similar code. In my case the owner was nginx. It can be any user like www-data for the website.
sudo chown -R nginx:nginx [directory_path]
- “chown” change the owner.
- “-R” means recursive changes in directory and files.
- “[directory_path]” exact location like /var/www/html or /usr/share/nginx/html.
Correct the File Permissions
If you give invalid file permission or restricted permissions to a path or their files, it won’t be accessible on the front-end. Make sure the directory has the right permission. 755 and 644 are the most common permissions we use on file servers or while hosting a website.
sudo chmod 755 [directory_path]
- “chmod” change mode.
- “775” is directory or file permission.
In majority of the cases above solutions fixes 403 forbidden error occurs in Nginx web server. Still if the error is same check out autoindex settings in your nginx’s configuration file.
2. Set the Autoindex On
Note: This feature is not recommended unless you know what you’re doing.
The auto index is an alternative solution to allow the directory index. Directory index means that if no index file (like index.html, index.htm) is found, the web server will list all of the contents of the directory. For security reasons, the directory index is turned off by default in Nginx.
But in some cases, webmasters need to show directory as an index to allow users to download a file. So how can we set that, let’s check it out…
For root or home location…
location / {
autoindex on;
autoindex_exact_size off;
}
For any specific directory…
location /downloads {
autoindex on;
autoindex_exact_size off;
}
Once changes is saved restart the Nginx using following command.
systemctl restart nginx
We wish everything is working fine now, in case you still face any issue, let us know in the comments section below.