access forbidden by rule on nginx
35,961
If you can't work it out by what you know, work it out by trial and error. Take out the includes one by one, if one of them does it, take out parts of the included file that's the problem. If it's not an included file take out location blocks until it works, or something interesting happens. A process of elimination.
The problem was in a block inside /etc/nginx/common/wpcommon.conf
Related videos on Youtube
Author by
dhiraj
Updated on September 18, 2022Comments
-
dhiraj almost 2 years
I am consistently getting following errors in error.log
2016/02/15 11:54:21 [error] 25085#0: *42344 access forbidden by rule, client: 122.252.249.67, server: example.com, request: "GET /wp-content/uploads/sp-resources/forum-themes/reboot/styles/reboot.php?overlay=chrome&theme=reboot&device=desktop&site=1&ver=4.4.2 HTTP/1.1", host: "example.com", referrer: "http://example.com/index.php/forum/"
I am unable to locate, which rule is denying the access. /etc/nginx/common/locations.conf
# NGINX CONFIGURATION FOR COMMON LOCATION # DO NOT MODIFY, ALL CHANGES LOST AFTER UPDATE EasyEngine (ee) # Basic locations files location = /favicon.ico { access_log off; log_not_found off; expires max; } location = /robots.txt { # Some WordPress plugin gererate robots.txt file # Refer #340 issue try_files $uri $uri/ /index.php?$args; access_log off; log_not_found off; } # Cache static files location ~* \.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|css|rss|atom|js|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf|swf)$ { add_header "Access-Control-Allow-Origin" "*"; access_log off; log_not_found off; expires max; } # Security settings for better privacy # Deny hidden files location ~ /\.well-known { allow all; } location ~ /\. { deny all; access_log off; log_not_found off; } # Deny backup extensions & log files location ~* ^.+\.(bak|log|old|orig|original|php#|php~|php_bak|save|swo|swp|sql)$ { deny all; access_log off; log_not_found off; } # Return 403 forbidden for readme.(txt|html) or license.(txt|html) or example.(txt|html) if ($uri ~* "^.+(readme|license|example)\.(txt|html)$") { return 403; } # Status pages location /nginx_status { stub_status on; access_log off; include common/acl.conf; } location ~ ^/(status|ping) { include fastcgi_params; fastcgi_pass php; include common/acl.conf; } # EasyEngine (ee) utilities # phpMyAdmin settings location /pma { return 301 https://$host:22222/db/pma; } location /phpMyAdmin { return 301 https://$host:22222/db/pma; } location /phpmyadmin { return 301 https://$host:22222/db/pma; } location /phpmyadmin { return 301 https://$host:22222/db/pma; } # Adminer settings location /adminer { return 301 https://$host:22222/db/adminer; }
/etc/nginx/sites-available/example.com
server { # Uncomment the following line for domain mapping # listen 80 default_server; server_name example.com *.example.com; # Uncomment the following line for domain mapping #server_name_in_redirect off; access_log /var/log/nginx/example.com.access.log rt_cache; error_log /var/log/nginx/example.com.in.error.log; root /var/www/example.com/htdocs; index index.php index.html index.htm; include common/wpfc.conf; include common/wpsubdir.conf; include common/wpcommon.conf; include common/locations.conf; include /var/www/example.com/conf/nginx/*.conf; }
/etc/nginx/sites-enabled/example.com
server { # Uncomment the following line for domain mapping # listen 80 default_server; server_name example.com *.example.com; # Uncomment the following line for domain mapping #server_name_in_redirect off; access_log /var/log/nginx/example.com.access.log rt_cache; error_log /var/log/nginx/example.com.error.log; root /var/www/example.com/htdocs; index index.php index.html index.htm; include common/wpfc.conf; include common/wpsubdir.conf; include common/wpcommon.conf; include common/locations.conf; include /var/www/example.com/conf/nginx/*.conf; }
Additional information: I am using SimplePress on Wordpress. I have installed Wordpress using easyengine.
-
dhiraj over 8 yearsI also tried to set 755 to the files affected, but it didn't solve the issue.
-
Alexey Ten over 8 yearsShow all other
include
s. -
Diamond over 8 years@dhiraj, there is a missing
)
(closing bracket) atlocation ~* \.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|css|rss|atom|js|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|$
. correct it and see. -
dhiraj over 8 years@bangal Thanks for pointing out the error. But that was typing mistake. I have not corrected it.
-
dhiraj over 8 yearsFound the solution. It was block inside /etc/nginx/common/wpcommon.conf. @Tim your hint really helped me. Thank you man thank you!
-
-
Mayazcherquoi about 7 years> The problem was in a block inside /etc/nginx/common/wpcommon.conf Excellent! Mind telling me which one?
-
Tim about 7 years@dhiraj may be able to give you an answer. I can't as there wasn't enough information to save for sure.