[FIXED] 403 Forbidden Error on Nginx Web Server

Updated on : Jan 11, 2020 Category : nginx

Many times you will face a 403 Forbidden error using Nginx web server, and also most times, it is not related to Nginx itself. 403 Forbidden error means you don’t have permission to access that part of the web. This error can be caused by many reasons, and here we will discuss these reasons one by one.  In order to debug or fix 403 Forbidden Nginx errors, all you have to do is check the correct error logs and take the proper action to resolve it.

403 Forbidden errors are Nginx’s way of telling “You have requested for a resource but we cannot give it to you.” The error should like similar to the image below.

403 forbidden error

403 Forbidden is technically not an error but an HTTP status code. 403 response headers are intentionally returned in many cases such as –

  • User is blocked from requesting that page/resource or the site as a whole.
  • User tries to access a directory but autoindex is set to off.
  • User tries to access a file that can be only accessed internally.
  • An issue with the internet resources on the users’ computer.
  • Inputting an incorrect website address;
  • A change of resources on the website;
  • The users’ IP was blocked because of a website policy violation or banned because of other reasons.
  • The browser has timed-out.

When it comes to the reasons on the website administrators’ side, the reasons why an Nginx 403 Forbidden error is issued are different:

  • The index page has been corrupted or renamed with a different name.
  • The index page is located in a directory for which the auto index parameter is off.
  • The files that need to be loaded have incorrect file permissions.
  • The file is in an incorrect format.
  • You experience an error when trying to update the DNS cache by changing the host.
  • Incorrect .httacess configuration or in another configuration file from the server.

The main Nginx configuration file is /etc/nginx/nginx.conf
Nginx error log Location: /var/log/nginx/error.log

Troubleshooting Steps

  1. The first step of this is to check for the process ID of the main Nginx process, you can run the following command and except output somewhat similar to the one indicated below:

    ps x | grep nginx
    24152 ? S 0:00 nginx: master process /usr/sbin/nginx

    The first column of each row is the process ID, as we can see, the main/master process ID is 24152in this case, however, this will change in every system.

  2. Incorrect Index File
    The NGINX configuration file specifies which index files to load, and in which order. For example, this line tells NGINX to look for index.html, then index.htm, then index.php:

    index index.html index.htm index.php;

    If none of those three files is found in the directory, NGINX returns a “403 Forbidden” error. Similarly, for a Python setup, index.py should be defined as a directory index.
    Save and exit the file after adding index.py in directory index., then restart NGINX with the command:

    sudo nginx -s reload

  3. Permissions are not set correctly
    In order to serve a file, Nginx needs to have read permissions for the file as well as execute permissions for every hierarchical parent directory of the file to chdir to it.
    For example, to access the file located at –/usr/share/basezap/logo.jpg
    Nginx needs to have read permissions for the file as well as execute permissions for /, /usr, /usr/share and /usr/share/basezap. If you use the standard 755 for directories and 644 for files (umask: 022), you should not run into this problem.
  4. Directory restrictions by IP and 403 Forbidden error
    Check your nginx.conf file, or your sites nginx .conf file in case you have an allow/deny rule that may be blocking your network, for example:

    location / {
    # block Testing computer.
    deny 192.168.1.1;
    # allow anyone else in 192.168.1.0/24
    allow 192.168.1.0/24;
    # drop rest of the connections on website
    deny all;
    }

  5. Autoindex is off
    If you don’t have an index file, but also have autoindex off set at Nginx config, you will have to turn it on using this method:

    location / {
    autoindex on;
    autoindex_exact_size off;
    }

    autoindex on: Turn auto indexing on
    autoindex_exact_size off: Show file sizes rounded in kb/mb/gb

HTTP 403 forbidden errors can happen for a variety of reasons, however, they all mean the same thing – that you are being denied access to the resource you requested. Whenever you are receiving a 403 forbidden Nginx error, try debugging the error with the suggestions mentioned above. If you aren’t sure and unable to fix the issue then you can reach us out at technical[at]basezap.com address with the issue.