所以,当我试图打击http://mayall.syniq.co.uk时,nginx给了我一个403 Forbidden错误页面,它应该像http://byrne.syniq.co那样向Rik Mayall吐出一个致敬页面。英国 (不应该花你很长时间来猜测我的命名scheme:))。
namei -l /www/vhosts/mayall.syniq.co.uk/public/index.html产生以下结果:
f: /www/vhosts/mayall.syniq.co.uk/public/index.html drwxr-xr-x root root / drwxr-xr-x www-data www-data www drwxr-xr-x www-data www-data vhosts drwxr-xr-x www-data www-data mayall.syniq.co.uk drwxr-xr-x www-data www-data public -rw-r--r-- www-data www-data index.html 所以这不是权限。 我的虚拟主机configuration如下:
server { listen *:80; listen [::]:80; server_name mayall.syniq.co.uk; # Character Set charset utf-8; # Logs access_log /www/vhosts/mayall.syniq.co.uk/logs/access_log.nginx; error_log /www/vhosts/mayall.syniq.co.uk/logs/error_log.nginx; # Directory Indexes index index.html index.htm; root /www/vhosts/mayall.syniq.co.uk/public; location / { try_files $uri $uri/ =404; } location = /favicon.ico { log_not_found off; access_log off; } location = /robots.txt { log_not_found off; access_log off; } # Block access to .htaccess location ~ \.ht { deny all; } }
这是日志中显示的内容:
2014/10/01 18:58:20 [error] 20957#0: *1 access forbidden by rule, client: 31.49.162.112, server: mayall.syniq.co.uk, request: "GET / HTTP/1.1", host: "mayall.syniq.co.uk" 2014/10/01 18:58:30 [error] 20957#0: *1 access forbidden by rule, client: 31.49.162.112, server: mayall.syniq.co.uk, request: "GET /index.html HTTP/1.1", host: "mayall.syniq.co.uk"
有任何想法吗?
所以,freenode的#nginx中的一个人为我指出了这一点,但我想他不想在这里发表答案。
我得到403的原因是因为location ~ \.ht块与index.html的.ht匹配,从而错误地正确地阻止了请求。
修正只是在/之前添加一个/ 。 如下:
location ~ /\.ht { deny all; }