How to Solve 'Nginx 403 error: directory index of folder is forbidden' Error

Configuring Directory Indexing

To enable directory indexing in Nginx, modify the server configuration file. Add the autoindex on; directive to the location block. This lets Nginx show the contents of a directory when no index file is present.

Set the right permissions for the folder you want to access. Use the chmod command to give read and execute permissions to the web server user:

chmod 755 /path/to/your/directory

Adjusting File Permissions

Check the ownership of files and directories with the ls -l command. If needed, change the ownership using chown:

chown www-data:www-data /path/to/your/directory

Set the correct read and execute permissions for files and directories. Use chmod:

chmod 644 /path/to/your/files
chmod 755 /path/to/your/directories

Updating Nginx Configuration Settings

Change the location block in the server configuration file to allow access to the directory. Add or update these directives:

location /your-directory {
    allow all;
}

Add or update the index directive to specify which files Nginx should use as index files:

index index.html index.htm index.php;

This tells Nginx to look for these files in order when accessing a directory.

Creating an Index File

Add an index file to the directory to fix the 403 Forbidden error. Create an index.html or index.php file in the folder you want to access. This file will show when someone tries to view the directory contents.

To make Nginx use these files, add or update the index directive in your server block:

index index.html index.htm index.php;

This tells Nginx to look for these files when accessing a directory.

Using try_files Directive

The try_files directive in Nginx helps manage requests when specific files are not found. Add this directive to your location block:

location / {
    try_files $uri $uri/ /index.html;
}

This configuration tells Nginx to:

1. Look for the requested URI
2. Check for a directory with that name
3. Serve the index.html file if neither exists

You can also redirect requests to a default page if no matching files are found:

location / {
    try_files $uri $uri/ /default.html;
}

This approach helps fix 403 errors by providing a fallback option when the requested resource is not available.

Checking SELinux settings

On systems using SELinux, incorrect settings can cause 403 errors. To check if SELinux is active, run:

getenforce

If it shows "Enforcing," SELinux might be blocking access. To allow Nginx to access the directory, use this command:

chcon -Rt httpd_sys_content_t /path/to/your/directory

To disable SELinux temporarily for testing, run:

sudo setenforce 0

Remember to re-enable it after testing.

Verifying Nginx user permissions

Check which user Nginx is running as by looking in the Nginx configuration file (often /etc/nginx/nginx.conf). Look for a line like:

user nginx;

Make sure this user has the right permissions to access your web directory. You can change the ownership of the directory to the Nginx user:

chown -R nginx:nginx /path/to/your/directory

If these steps don't fix the issue, review your Nginx error logs for more details about the 403 error. The logs are usually in /var/log/nginx/error.log.