403 - Where is the error, in nginx or firewall settings?

V

VicTHOR2020-04-03 23:38:23

linux

VicTHOR, 2020-04-03 23:38:23

server.conf

server {
    listen       80 default_server;
    root         /srv/shared/;
    access_log   off;
    error_log    /var/log/nginx/router.error.log;

    #include /etc/nginx/default.d/server.conf;
    #подключаю стандартные настройки для всех серверов
        index index.php index.html index.htm;
        charset utf-8;
        location ~* \.(jpg|jpeg|gif|png|css|js|ico|xml)$ {
            access_log        off;
            log_not_found     off;
            expires           360d;
        }
        location ~ /\. {
            access_log off;
            log_not_found off; 
            deny all;
        }

    location ~ \.(php|phar)(/.*)?$ {
        #include /etc/nginx/default.d/php-fpm.location.conf;
        #подключаю стандартные fastcgi настройки
            fastcgi_split_path_info ^(.+\.(?:php|phar))(/.*)$;
            fastcgi_intercept_errors on;
            include        fastcgi_params;
            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
            fastcgi_param  PATH_INFO $fastcgi_path_info;

        #include /etc/nginx/default.d/location.conf;
        #подключаю стандартные настройки для всех location
            try_files $uri $uri/ =404;
            server_tokens off;
            client_max_body_size 3m;
            client_body_buffer_size 128k;

        fastcgi_pass unix:/var/run/php-fpm/router.sock;
    }

    location / {
        #include /etc/nginx/default.d/location.conf;
        #подключаю стандартные настройки для всех location
            try_files $uri $uri/ =404;
            server_tokens off;
            client_max_body_size 3m;
            client_body_buffer_size 128k;
    }
}

firewall

[[email protected] nginx]# firewall-cmd --list-all
public (active)
  target: default
  icmp-block-inversion: no
  interfaces: enp0s3
  sources: 
  services: cockpit ssh
  ports: 
  protocols: 
  masquerade: no
  forward-ports: 
  source-ports: 
  icmp-blocks: 
  rich rules: 
        rule family="ipv4" source address="192.168.0.100" destination address="192.168.0.200" accept

The first experience of setting up servers, I do everything on a virtual machine. Criticism of nginx configs is welcome.
The problem is the following: upon request ip 192.168.0.200 index.php is pulled up, the address remains as ip, everything is correct. If you request a file there, say, 1.txt, its contents are displayed.

UPD (sorry, sleepy confused):
But if I go to the directory inside, I get nginx looking for an index file that does not exist, and the system refuses to even try to find the index file and returns 403

2020/04/03 21:57:12 [error] 3929#0: *15 directory index of "/srv/shared/1/" is forbidden, client: 192.168.0.100, server: , request: "GET /1/ HTTP/1.1", host: "192.168.0.200", referrer: "http://192.168.0.200/"

If there is an index file inside, I immediately get 500.
What is the error?

UPD:
changed

location / {
        include /etc/nginx/default.d/location.conf;

        autoindex on;
        autoindex_localtime on;
        autoindex_exact_size off;
    }

Now it's scrolling, it's not clear why 500.

Reply

Answer the question

In order to leave comments, you need to log in

[[+comments_count]] answer(s)