I'm trying to setup wordpress with nginx on an AWS ubuntu instance. But so far, I'm unable to get around with this 403 forbidden error which nginx is throwing. Here's my nginx config file:
server {
listen 80;
server_name test.com;
return 301 https://www.test.com$request_uri;
}
server {
listen 80;
server_name www.test.com;
return 301 https://www.test.com$request_uri;
}
server {
listen 443;
server_name test.com;
return 301 https://www.test.com$request_uri;
}
server {
listen 443 ssl;
server_name www.test.com test.com;
root /home/ubuntu/wordpress;
index index.php index.html index.htm;
location / {
alias /home/ubuntu/wordpress;
try_files $uri $uri/ /index.php?$args;
location ~ \.php$ {
include fastcgi_params;
fastcgi_index index.php;
fastcgi_split_path_info ^(.+?\.php)(.*)$;
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_pass unix:/var/run/php5-fpm.sock;
}
}
}
My nginx is running with user www-data, while the /home/ubuntu/wordpress directory is owned by ubuntu user. I've however given 775 permission to wordpress directory, so that shouldn't be an issue. But when I access www.test.com, it shows a 403 forbidden error.
The nginx error log shows message like this:
2015/12/20 22:49:26 [error] 27984#0: *39 directory index of "/home/ubuntu/wordpress" is forbidden, client: xx.xxx.xxx.xxx, server: www.test.com, request: "GET / HTTP/1.1", host: "www.test.com"
I've php-fpm running against user www-data. The directory structure of my wordpress site is something like this:
/home/ubuntu/wordpress
|
+-- index.php
+-- wp-content
Here's my .htaccess file, in case you need to see this:
# directory browsing
Options All -Indexes
# Disable access to all file types except the following
Order deny,allow
Deny from all
<Files ~ ".(xml|css|js|jpe?g|png|gif|pdf|docx|rtf|odf|zip|rar)$">
Allow from all
</Files>
# Deny access to wp-config.php file
<files wp-config.php>
order allow,deny
deny from all
</files>
# Deny access to all .htaccess files
<files ~ "^.*\.([Hh][Tt][Aa])">
order allow,deny
deny from all
satisfy all
</files>
# Block wp-includes folder and files
RewriteEngine On
RewriteBase /
RewriteRule ^wp-admin/includes/ - [F,L]
RewriteRule !^wp-includes/ - [S=3]
RewriteRule ^wp-includes/[^/]+\.php$ - [F,L]
RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F,L]
RewriteRule ^wp-includes/theme-compat/ - [F,L]
I've come across multiple duplicates for this question across different sites on Stack Exchange network. Having gone and tried approaches from 15-20 of them, none of them seem to be working here. I'm not sure what is missing. Can someone please have a look onto this?
One more issue which I found is: When I change alias to root in the location / {} block, nginx starts redirecting me to www.test.com:8089. I'm not sure why it keeps on redirecting to 8089, even though I don't have any such redirection rules currently. I did have that redirection rule earlier, but that's not there anymore. Does nginx caches the redirection rule somewhere? I'm not sure about that. The redirection also happens when I try to access: www.test.com/index.php, with alias thing there.
Please do ask if you need some other file information.
Try following command
chown -R www-data:www-data /home/ubuntu/wordpress