您的位置: 首页  >  技术问答  >  我的网站现在由 NginX 提供的正确权限是什么?

我的网站现在由 NginX 提供的正确权限是什么?

分类: 技术问答 2022-06-11 15:56:11
问题描述:

我在运行 Ubuntu 16.10 的笔记本电脑上运行本地测试服务器.我正在运行 Apache2,但我决定切换到 NginX.遵循诸如 这个,我想我已经启动并运行了 NginX,以及 PHP 7.0 fpm.

I am running a local testing server on my laptop running Ubuntu 16.10. I was running Apache2, but I've decided to switch over to NginX. Following guides like this one, I think I've got NginX up and running, along with PHP 7.0 fpm.

但是,当我加载我的网站之一时,出现403 Forbidden error.NginX 错误日志说:

However, when I load one of my sites, I get a 403 Forbidden error. The NginX error log says :

[error] 14107#14107: *1 directory index of "/var/www/example.com/" is forbidden, client: 127.0.0.1, server: example.com, request: "GET / HTTP/1.1", host: "example.com"

我知道路径中的所有父目录都应该具有正确的权限,但我不清楚正确的权限究竟是什么.如果我理解正确,在 Apache2 下,用户或组 www-data 可以访问这些目录,但我不确定在 NginX 下是否仍然如此.

I understand that all the parent directories in the path should have the right permissions, but I'm unclear on exactly what the correct permissions are. If I understand correctly, under Apache2, the directories were accessible to the user or group www-data, but I'm not sure if that's still true under NginX.

我应该使用什么 chmodchown 命令来确保相关目录具有 NginX 可以访问的权限? 注意我正在用 NginX 完全替换 Apache2,因此无需为 Apache 保留任何设置.

What chmod or chown command should I be using to ensure that the relevant directory has permissions that will make it accessible to NginX? Note that I am completely replacing Apache2 with NginX, so there is no need to preserve any settings for Apache's sake.

另外,作为参考,这里是我网站的当前目录路径和权限.请注意,/var/www 中的目录是指向我的 Dropbox 文件夹中目录的符号链接(如果有影响的话).

Also, for reference, here is the current directory path and permissions of my site. Note that the directory in /var/www is a symlink to a directory in my Dropbox folder, if that has any impact.

$ namei -om /var/www/example.com
f: /var/www/example.com
 drwxr-xr-x root     root     /
 drwxr-xr-x root     root     var
 drwxr-xr-x www-data www-data www
 lrwxrwxrwx www-data www-data example.com -> /home/user/Dropbox/subdir1/subdir2/Site/
   drwxr-xr-x root     root     /
   drwxr-xr-x root     root     home
   drwxr-xr-x user     user     user
   drwx--x--x user     user     subdir1
   drwxrwxr-x user     user     subdir2
   drwxr-xr-x user     user     Web
   drwxr-xr-x user     user     Site

您对 subdir1 的权限有误,请修复:

You have wrong permission for subdir1, fix it:

chmod 755 /home/user/Dropbox/subdir1

甚至更好(递归):

find /var/www/example.com -type d -print0 | xargs -0 chmod 755

至于 nginx 用户,您可以使用 user 配置指令进行设置:

As for nginx user, you can set it with user configuration directive:

user www-data;

您可以在 NGINX 服务器上使用任何用户,您只需要对项目的文件夹 (755) 和文件 (644) 具有正确的权限.我更喜欢不同的用户 nginx,这是很好的做法,但不是必需的.

You can use any user with NGINX server, you just need correct permissions for folders (755) and files (644) of your project. I prefer distinct user nginx, it is good practice, but not necessary.

您可以像这样在 Ubuntu/Debian 中创建系统 nginx 用户:

You can create system nginx user in Ubuntu/Debian like this:

sudo adduser --system --no-create-home --disabled-login --disabled-password --group nginx

相关推荐