403 Forbidden on Rails app w/ Nginx, Passenger

Asked 23/10, 2013 at 23:2 Answered 26/1, 2019 at 23:4

Solved ruby-on-rails ruby ubuntu nginx passenger

First off, apologies: I know the 403 Forbidden question is a common one for Rails/Nginx installs, but none of the answers I've read so far have solved it for me.

Disclaimer: This is my first time deploying a Rails app somewhere that isn't Heroku. Please be gentle. ;)

Situation: I have a Rails app running on an Ubuntu 12.04 server, running Nginx (installed with Passenger).

I've deployed my app to my server correctly, but when I attempt to access the site, I receive a 403 Forbidden error.

Checking my error logs, I see:

2013/10/23 22:47:01 [error] 27954#0: *105 directory index of "/var/www/colepeters.com/current/public/" is forbidden, client: 50.3…server: colepeters.com, request: "GET / HTTP/1.1", host: "colepeters.com"
2013/10/23 22:47:10 [error] 27954#0: *106 directory index of "/var/www/colepeters.com/current/public/" is forbidden, client: 184…server: colepeters.com, request: "GET / HTTP/1.1", host: "colepeters.com"
2013/10/23 22:47:12 [error] 27954#0: *107 directory index of "/var/www/colepeters.com/current/public/" is forbidden, client: 151…server: colepeters.com, request: "GET / HTTP/1.1", host: "colepeters.com"

However, when checking permissions on this directory, I see that the user I have setup to use Nginx had both read and execute permissions on it.

Here's the relevant info from my nginx.conf:

user  XXXX;
worker_processes  1;

#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;

#pid        logs/nginx.pid;


events {
    worker_connections  1024;
}


http {
    passenger_root /home/cole/.rvm/gems/ruby-2.0.0-p247/gems/passenger-4.0.21;
    passenger_ruby /home/cole/.rvm/wrappers/ruby-2.0.0-p247/ruby;

    include       mime.types;
    default_type  application/octet-stream;

    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';

    #access_log  logs/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    #keepalive_timeout  0;
    keepalive_timeout  65;

    #gzip  on;

    server {
       listen       80;
        server_name  colepeters.com www.colepeters.com;
        passenger_enabled on;
        root /var/www/colepeters.com/current/public/;
        rails_env production;

        #charset koi8-r;

        #access_log  logs/host.access.log  main;

        location / {
          root   /var/www/colepeters.com/current/public;
          index  index.html index.htm;
          # autoindex on;
        }

I would greatly appreciate any help on resolving this. Thanks!

UPDATE I have since corrected the erroneus passenger_ruby path, but the 403 Forbidden is persisting, even after restarting Nginx.

Jabin answered 23/10, 2013 at 23:2 Comment(3)

seems that the root path is not correct in nginx.conf. – Hardly 24/10, 2013 at 0:46

Are you referring to the root path you've mentioned in your answer below, or the server/location root paths? – Jabin 24/10, 2013 at 8:55

yes, the server location root paths. – Hardly 24/10, 2013 at 12:15

You can check the path of your passenger installation with

passenger-config --root

and the path of your ruby installation with

which ruby

then compare with the inserted in nginx.conf.

Hardly answered 24/10, 2013 at 0:51 Comment(3)

Thanks, having done this I noticed that my passenger_ruby directory was incorrect in nginx.conf; however, I'm still getting a 403 Forbidden, even after restarting Nginx. – Jabin 24/10, 2013 at 8:47

403 Forbidden (403 Forbidden) is an HTTP error code returned by the web server when the user or program attempts to gain access to a resource that the server does not allow – Hardly 24/10, 2013 at 12:21

Thanks! For me i need to change this at /etc/nginx/passenger.conf – Dawndawna 30/10, 2016 at 21:41

I got the same error. In my case, I fixed it by removing the location / {} entry. - or make sure that your user have permission to your rails project

...
server {
    listen       80;
    server_name  127.0.0.1;
    passenger_enabled on;
    rails_env production;
    root /www/kalender/public ;

    #charset koi8-r;

    access_log  /var/log/nginx/host.access.log;

    #location / {
       #root   html;
        #index  index.html index.htm;
    #}

Grief answered 29/10, 2013 at 23:2 Comment(0)

Adding passenger_enabled on; to the server directive worked for me.

Duckworth answered 12/6, 2014 at 9:8 Comment(0)

I was running a similar setup to yours and having the same problem with my nginx.conf file. Stumbling across the Nginx pitfalls page helped me solve it.

Your file looks similar to mine, so I'll share two things you may want to try that worked for me:

first, you have the root path in both the server {} block AND the location {} block. While not necessarily a problem, according to the docs linked above "If you add a root to every location block then a location block that isn't matched will have no root." I got rid of the roots in the location blocks but kept it in the server block.
move the 'index' directives (index index.html index.htm;) out of the location block up to within the http {} block. The location blocks will inherit from this.

doing those two things and restarting the server worked for me.

Assail answered 15/12, 2013 at 5:46 Comment(0)

The problem lies in the location / {...} section: the passenger_enabled on doesn't propagate from the server {...} into the location / {...}.

If you either remove location / {...}, or add passenger_enabled on to it, it should work.

Aspia answered 26/9, 2014 at 18:28 Comment(0)

you also have config-file for passenger called passenger.conf by default in /etc/nginx/conf.d/passenger.conf there you have to put correct roots. you can check the roots with these two commands

passenger-config --root

and

which ruby

so when you get these roots you have to compare them with such in your passenger.conf file and it can be e.g. smth like this

#passenger-config --root
passenger_root /usr/share/ruby/vendor_ruby/phusion_passenger/locations.ini;
#which ruby
passenger_ruby /usr/local/rvm/rubies/ruby-2.4.0/bin/ruby;
passenger_instance_registry_dir /var/run/passenger-instreg;

so if you use this way don't forget to make in http section of your nginx.conf

include /etc/nginx/conf.d/passenger.conf

as well as inserting in server section

passenger_enabled on;

Neckpiece answered 26/1, 2019 at 23:4 Comment(0)

The key things are: Remove the location block for the / section, assuming that the Rails application is accessible at /

Ensure the passenger_ruby is pointing to the rvm wrapper script for the selected ruby version

Add execute permissions to user, group and others to all the directories reaching to

/var/www/rails_app/public folder 
/var
/var/www
/var/www/rails_app
/var/www/rails_app/public_foler

Indre answered 11/7, 2014 at 6:52 Comment(0)

You are declaring the root twice inside the server block and inside the /location block as well as directing nginx to use the index directive. Also remove the "/" after public folder

try doing this

user  XXXX;
worker_processes  1;

#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;

#pid        logs/nginx.pid;


events {
    worker_connections  1024;
}


http {
    passenger_root /home/cole/.rvm/gems/ruby-2.0.0-p247/gems/passenger-4.0.21;
    passenger_ruby /home/cole/.rvm/wrappers/ruby-2.0.0-p247/ruby;

    include       mime.types;
    default_type  application/octet-stream;

    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';

    #access_log  logs/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    #keepalive_timeout  0;
    keepalive_timeout  65;

    #gzip  on;

    server {
       listen       80;
        server_name  colepeters.com www.colepeters.com;
        passenger_enabled on;
        root /var/www/colepeters.com/current/public;
        rails_env production;

        #charset koi8-r;

        #access_log  logs/host.access.log  main;

    }
}

Economical answered 24/10, 2013 at 17:43 Comment(0)

Hot tags

Godot Unity Godot Help Programming Godot 4.X GUI GDScript 3D 2D Physics CSharp Godot 3.X VR XR Projects C++

Recommended topics

Hot tags