How to Solve 'Nginx 403 error: directory index of folder is forbidden' Error

Published July 1, 2024

Problem: Nginx 403 Error When Accessing Directory

When you try to access a directory on a web server running Nginx, you might see a 403 Forbidden error. This error shows that the server understands your request but won't allow it. The message "directory index of folder is forbidden" means Nginx is stopping attempts to view the contents of a specific directory. This prevents you from accessing files or browsing the folder structure.

Solutions to Resolve the Nginx 403 Error

Configuring Directory Indexing

To enable directory indexing in Nginx, modify the server configuration file. Add the autoindex on; directive to the location block. This lets Nginx show the contents of a directory when no index file is present.

Set the right permissions for the folder you want to access. Use the chmod command to give read and execute permissions to the web server user:

chmod 755 /path/to/your/directory

Adjusting File Permissions

Check the ownership of files and directories with the ls -l command. If needed, change the ownership using chown:

chown www-data:www-data /path/to/your/directory

Set the correct read and execute permissions for files and directories. Use chmod:

chmod 644 /path/to/your/files
chmod 755 /path/to/your/directories

Updating Nginx Configuration Settings

Change the location block in the server configuration file to allow access to the directory. Add or update these directives:

location /your-directory {
    allow all;
}

Add or update the index directive to specify which files Nginx should use as index files:

index index.html index.htm index.php;

This tells Nginx to look for these files in order when accessing a directory.

Verifying the Solution

After fixing the Nginx 403 Forbidden error, check if the solution works. Follow these steps:

  1. Restart the Nginx server to apply your changes. Run this command:
sudo systemctl restart nginx

Or on some systems:

sudo service nginx restart
  1. Test the web page access. Open a web browser and try to access the directory that showed the 403 error. If successful, you should see the directory contents or the index file, based on your configuration.

If you still have problems, check your configuration files for mistakes. You can also look at the Nginx error logs for more information about any issues.

Alternative Approaches to Resolve the 403 Forbidden Error

Creating an Index File

Add an index file to the directory to fix the 403 Forbidden error. Create an index.html or index.php file in the folder you want to access. This file will show when someone tries to view the directory contents.

To make Nginx use these files, add or update the index directive in your server block:

index index.html index.htm index.php;

This tells Nginx to look for these files when accessing a directory.

Using try_files Directive

The try_files directive in Nginx helps manage requests when specific files are not found. Add this directive to your location block:

location / {
    try_files $uri $uri/ /index.html;
}

This configuration tells Nginx to:

  1. Look for the requested URI
  2. Check for a directory with that name
  3. Serve the index.html file if neither exists

You can also redirect requests to a default page if no matching files are found:

location / {
    try_files $uri $uri/ /default.html;
}

This approach helps fix 403 errors by providing a fallback option when the requested resource is not available.

Troubleshooting Persistent 403 Errors

If you've tried the previous solutions and still face a 403 Forbidden error, try these steps:

Checking SELinux settings

On systems using SELinux, incorrect settings can cause 403 errors. To check if SELinux is active, run:

getenforce

If it shows "Enforcing," SELinux might be blocking access. To allow Nginx to access the directory, use this command:

chcon -Rt httpd_sys_content_t /path/to/your/directory

To disable SELinux temporarily for testing, run:

sudo setenforce 0

Remember to re-enable it after testing.

Verifying Nginx user permissions

Check which user Nginx is running as by looking in the Nginx configuration file (often /etc/nginx/nginx.conf). Look for a line like:

user nginx;

Make sure this user has the right permissions to access your web directory. You can change the ownership of the directory to the Nginx user:

chown -R nginx:nginx /path/to/your/directory

If these steps don't fix the issue, review your Nginx error logs for more details about the 403 error. The logs are usually in /var/log/nginx/error.log.