If you’re trying to install Nginx on Ubuntu or any other Linux distro and getting the nginx 403 Forbidden error while accessing the domain name of your website, then you are at the same place where we were earlier.
In this tutorial, we will learn how to fix the nginx 403 forbidden error.
Table of Contents
We were trying to set up a WordPress website using the LEMP stack i.e. Linux, Nginx, MariaDB (MySQL), and PHP and after doing everything, the website was not accessible and got an error that looks similar to the below one
2023/02/09 22:14:38 [error] 14586#14586: *3 directory index of "/var/www/html/" is forbidden, client: 76.67.54.168, server: example.com, request: "GET / HTTP/1.1", host: "www.example.com"
How To Fix Nginx 403 Forbidden
There are a few things that you will have to check to resolve the issue.
Method 1: Check for Permission
The most common reason for this problem is that the directory where your website resides doesn’t have proper permissions or the user with which nginx is running does not have access to the directory.
To fix this simply check the permission of the directory which will also show who is the owner of the directory.
For example: If your WordPress website or any other website files are in the directory “/var/www/html/”, then run the following command: `ls -ld /var/www/html/`
$ ls -ld /var/www/html/ ubuntu@st-ubuntu:/etc/nginx$ ls -ld /var/www/html/ drwxr-xr-x 3 www-data www-data 4096
If the directory permission is not correct or the owner of the command is not correct, use the chmod or chown command to fix it.
$ sudo chown -R www-data:www-data /var/www/html/ $ sudo chown -R www-data:www-data /var/www/html/example.com $ sudo chmod -R 755 /var/www/html/
Method 2: Check index in server block
This error can also occur if your configuration file is not correct and the “index” is missing from it. So make sure to check that the below line is included in the server block of your website configuration.
index index.php index.html;
Method 3: Check SSL configuration
3. This is unique to us and we found that while installing SSl certificate through certbot, the SSL configuration for the website got copied to the default file and not the website config file.
So you can try to remove certbot certificate, delete or rename the default file present at /etc/nginx/sites-available and then install the SSL certificate again or you can just copy the relevant content from that file and put it into your website configuration file.
Below is the part of the config that we copied and pasted into our WordPress website config and restarted the Nginx server.
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = www.example.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = example.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80 ;
listen [::]:80 ;
server_name example.com www.example.com;
return 404; # managed by Certbot
Once you add this don’t forget to run the “nginx -t” command to verify the nginx configuration and restart or reload the nginx server.
ubuntu@st-ubuntu:/etc/nginx$ sudo nginx -t nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: configuration file /etc/nginx/nginx.conf test is successful ubuntu@st-ubuntu:/etc/nginx$ sudo systemctl restart nginx ubuntu@st-ubuntu:/etc/nginx$
We hope that this tutorial will help you fix the “nginx 403 forbidden” error and you will be able to run your website without any issues. If still you are not able to solve the issue or solved this error by any other method, please leave a comment below and we will try to help you.
