I would like to ask: openresty (1.13.6.2) how to solve the problem that 403 Forbidden appears in the installation directory of the access site?

your own production environment: centos7,openresty,php,mysql

problem: IP access is normal. Enter ip/install to display 403 Forbidden,. I can"t change the permission to / usr/local/openresty/nginx/html directory to 777. How can I solve this problem?
just found that 50x.html can also be displayed, but ip/install/index.php can not.

if I visit my ip adress/install/index.php, and download this file, how can I set up to access index.php correctly?

error.log shows

2018/06/08 10:33:18 [error] 12018-sharp12018: *334 directory index of "/usr/local/openresty/nginx/html/install/" is forbidden,

your own nginx.conf configuration:

user  root;
worker_processes  1;

-sharperror_log  logs/error.log;
-sharperror_log  logs/error.log  notice;
-sharperror_log  logs/error.log  info;

-sharppid        logs/nginx.pid;


events {
    worker_connections  1024;
}


http {
    include       mime.types;
    default_type  application/octet-stream;

    -sharplog_format  main  "$remote_addr - $remote_user [$time_local] "$request" "
    -sharp                  "$status $body_bytes_sent "$http_referer" "
    -sharp                  ""$http_user_agent" "$http_x_forwarded_for"";

    -sharpaccess_log  logs/access.log  main;

    sendfile        on;
    -sharptcp_nopush     on;
    
    client_max_body_size 8m;    -sharp
    client_body_buffer_size 2m;  -sharp

   -sharpWAF
    lua_shared_dict limit 50m;  -sharpcc50M
    lua_shared_dict guard_dict 100m;
    lua_shared_dict dict_captcha 70m;
    lua_max_running_timers 1;
    lua_package_path "/usr/local/openresty/nginx/conf/waf/?.lua";
    init_by_lua_file "/usr/local/openresty/nginx/conf/waf/init.lua";
    access_by_lua_file "/usr/local/openresty/nginx/conf/waf/access.lua";
   

    -sharpkeepalive_timeout  0;
    keepalive_timeout  65;

    gzip  on;

    server {
        listen       80;
        listen       [::]:80 default_server;
        server_name   my ip address;
        
        -sharpcharset koi8-r;

        -sharpaccess_log  logs/host.access.log  main;

        location / {

            root    html;
            index  index.html index.htm index.php;
        }


        location /phpmyadmin {
            alias /usr/share/phpMyAdmin;
            index index.php;
         }

       location ~ /phpmyadmin/.+\.php$ {
            if ($fastcgi_script_name ~ /phpmyadmin/(.+\.php.*)$) {
             set $valid_fastcgi_script_name $1;
            }
             include fastcgi_params;
             fastcgi_pass 127.0.0.1:9000;
             fastcgi_index index.php;
             fastcgi_param SCRIPT_FILENAME /usr/share/phpMyAdmin/$valid_fastcgi_script_name;
         }

       

        -sharperror_page  404              /404.html;

        -sharp redirect server error pages to the static page /50x.html
        -sharp
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }

        -sharp 
        -sharp PHP  FastCGI. FastCGI.
        -sharp Fastcgi(PHP,Python).
        location ~ \.php$ {
            -sharp 
            fastcgi_pass   127.0.0.1:9000;
            -sharp nginx()
            fastcgi_index  index.php;
            -sharp 
            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
            -sharp fastcgi
            include        fastcgi_params;
        }

        -sharp proxy the PHP scripts to Apache listening on 127.0.0.1:80
        -sharp
        -sharplocation ~ \.php$ {
        -sharp    proxy_pass   http://127.0.0.1;
        -sharp}

        -sharp pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
        -sharp
        -sharplocation ~ \.php$ {
        -sharp    root           html;
        -sharp    fastcgi_pass   127.0.0.1:9000;
        -sharp    fastcgi_index  index.php;
        -sharp    fastcgi_param  SCRIPT_FILENAME  /document_root$fastcgi_script_name;
        -sharp    include        fastcgi_params;
        -sharp}

        -sharp deny access to .htaccess files, if Apache"s document root
        -sharp concurs with nginx"s one
        -sharp
        -sharplocation ~ /\.ht {
        -sharp    deny  all;
        -sharp}
    }


    -sharp another virtual host using mix of IP-, name-, and port-based configuration
    -sharp
    -sharpserver {
    -sharp    listen       8000;
    -sharp    listen       somename:8080;
    -sharp    server_name  somename  alias  another.alias;

    -sharp    location / {
    -sharp        root   html;
    -sharp        index  index.html index.htm;
    -sharp    }
    -sharp}


    -sharp HTTPS server
    
    server {
        listen  443 ssl http2;
        
        server_name  my ip address;
        charset  utf-8;
        ssl on;
        default_type  text/plain;
        
       
       

       ssl_session_cache    shared:SSL:1m;
       ssl_session_timeout  5m;
       ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

       ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
       ssl_prefer_server_ciphers  on;

       location / {
            root   html;
           index  index.html index.htm index.php;
        }

         location ~ /phpmyadmin/.+\.php$ {
            if ($fastcgi_script_name ~ /phpmyadmin/(.+\.php.*)$) {
             set $valid_fastcgi_script_name $1;
            }
             include fastcgi_params;
             fastcgi_pass 127.0.0.1:9000;
             fastcgi_index index.php;
             fastcgi_param SCRIPT_FILENAME /usr/share/phpMyAdmin/$valid_fastcgi_script_name;
         }

       location ~ \.php$ {
            -sharp 
            fastcgi_pass   127.0.0.1:9000;
            -sharp nginx()
            fastcgi_index  index.php;
            -sharp 
            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
            -sharp fastcgi
            include        fastcgi_params;
        }


   }

}













Mar.28,2021

  1. you enter IP/install because your Nginx configuration does not add the corresponding location

    .
    -sharp 
    location /install {
        root html; -sharp  root html/install;
        index index.php;
        -sharp 
    }
    -sharp 

    if you do not have such location , directly visiting IP/install will determine that you are looking for 'install' folder

    under the ' html' directory.
  2. * .php the reason for automatic download when accessing a file is usually php-fpm misconfiguration , or php-fpm does not have normal startup listening
  3. I uploaded the Nginx configuration file that can now be used normally, which can be downloaded from here (password: 8qrk).

"if I visit my ip adress/install/index.php, and download this file, how can I set up to access index.php correctly?"
nginx itself cannot parse the php language, so you should need to cooperate with the corresponding module to parse the Php, otherwise it will be downloaded as a file.

Menu