Photo by Dim Hou on Unsplash

FIXED: NGINX "403 Forbidden" Error

NGINX Nov 15, 2022
"403 Forbidden" is the most common error when working with NGINX . In this article, we will cover the causes of 403 forbidden NGINX, as well as how to find its cause and fix the underlying problem.

About the error

"403 Forbidden" is a generic NGINX error that indicates that you have requested something and NGINX ( for a number of reasons ) cannot provide it. "403" is an HTTP status code that means the web server has received and understood your request, but is unable to take any further action. Below I have shared possible reasons and their solutions.

Missing NGINX configuration file

By default, NGINX configuration files are located in the /etc/nginx folder . If you browse this directory, you will find several configuration files for various server modules.

The main configuration file is /etc/nginx/nginx.conf . It contains the main directives for NGINX and is the equivalent of Apache's httpd.conf file .

To edit this file, use the command:

CentOS 8: sudo nano /etc/nginx/conf.d/
Ubuntu 22.04: sudo nano /etc/nginx/sites-available/

Invalid index file

One of the most common causes of the 403 forbidden NGINX error is an incorrect index file setup.
nginx.conf specifies which index files should be loaded, and in what order. For example, the line below tells NGINX to look for index.html , then index.htm , then index.php :

index index.html index.htm index.php;

If none of these three files are found in the directory, NGINX will return a "403 Forbidden" error .

Note. File names are case sensitive. If nginx.conf specifies index.html and the file is named Index.html , it will result in a "403 Forbidden" error .

If you want to use an index filename that your NGINX web server does not recognize, edit nginx.conf and add the filename to the index configuration line.

For example, to add to the list of recognized index files, edit this line as follows:

index index.html index.htm index.php;

Save your changes and then restart NGINX with the command:

sudo nginx -s reload

Auto index

An alternative solution is to resolve the directory index. Directory index means that if the index file is not found, the server will display the entire contents of the directory.

For security reasons, the directory index in NGINX is disabled by default.

With "403 forbidden NGINX", if you want to show the directory index in situations where NGINX cannot find ( identify ) the file, edit nginx.conf as described above and add the following two directives to it:

Autoindex on;
Autoindex_exact_size off;

These directives must be added to the location block . You can either add them to an existing location/ block or add a new one. The final result should look like this:

location / {
  [pre-existing configurations, if applicable]
  autoindex on;
  autoindex_exact_size off;

You can also enable directory indexing in a specific folder if you don't want it to be available for the entire site:

location /myfiles {
  autoindex on;
  autoindex_exact_size off;

Save the changes to the file, then restart NGINX with the command:

sudo nginx -s reload

File permissions

Incorrect file permissions are another reason for the "403 Forbidden NGINX" error. For use with NGINX , the recommended default setting is 755 for directories and 644 for files . The NGINX user must also be the owner of the files.

NGINX User Authentication

First you need to determine which user is running NGINX . To do this, use the command:

ps -ef | grep nginx

In this example, the NGINX worker process is running as the nginx user .

Set File Ownership

Go one level up from the site's document root directory. For example, if your site's root directory is /usr/share/nginx/ , navigate to /usr/share/nginx with the command:

cd /usr/share/nginx

Change the ownership of all files in the lower level directories to the nginx user with the command:

sudo chown -R nginx:nginx *

Set permissions

403 forbidden NGINX - Set the permissions for each directory to 755 with the command:

sudo chmod 755 [directory name]

For example, to set permissions for the directory , use the command:

sudo chmod 755

Then change to the web document's root directory:

sudo chmod 755

Change the permissions for all files in this directory with the command:

sudo chmod 644 *

The solutions described above are helpful in the vast majority of cases. I hope they are beneficial to you.


Anurag Deep

Logical by Mind, Creative by Heart