Join the community today
Become a Member

Nginx subdirectory php script 403 forbidden on nginx?

Discussion in 'Install & Upgrades or Pre-Install Questions' started by chienb, Nov 27, 2016.

  1. chienb

    chienb New Member

    12
    2
    3
    Nov 27, 2016
    Ratings:
    +3
    Local Time:
    10:25 PM
    installed centminmod and letsencrypt on a fresh cent7.2 server. a day after installing letsencrypt, getting a 403 when trying to access: https://test.mydomain.com/test/index.php

    /test/index.html is working properly. folder permissions are set to 755.

    error.log:
    Code:
    2016/11/26 09:30:19 [error] 3975#0: *269 access forbidden by rule, client: 12.12.12.123, server: test.mydomain.com, request: "GET /test/index.php HTTP/2.0", host: "test.mydomain.com"
    nginx.conf.default:
    Code:
    #user  nobody;
    worker_processes  1;
    
    #error_log  logs/error.log;
    #error_log  logs/error.log  notice;
    #error_log  logs/error.log  info;
    
    #pid        logs/nginx.pid;
    
    
    events {
        worker_connections  1024;
    }
    
    
    http {
        include       mime.types;
        default_type  application/octet-stream;
    
        #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
        #                  '$status $body_bytes_sent "$http_referer" '
        #                  '"$http_user_agent" "$http_x_forwarded_for"';
    
        #access_log  logs/access.log  main;
    
        sendfile        on;
        #tcp_nopush     on;
    
        #keepalive_timeout  0;
        keepalive_timeout  65;
    
        #gzip  on;
    
        server {
            listen       80;
            server_name  localhost;
    
            #charset koi8-r;
    
            #access_log  logs/host.access.log  main;
    
            location / {
                root   html;
                index  index.html index.htm;
            }
    
            #error_page  404              /404.html;
    
            # redirect server error pages to the static page /50x.html
            #
            error_page   500 502 503 504  /50x.html;
            location = /50x.html {
                root   html;
            }
    
            # proxy the PHP scripts to Apache listening on 127.0.0.1:80
            #
            #location ~ \.php$ {
            #    proxy_pass   http://127.0.0.1;
            #}
    
            # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
            #
            #location ~ \.php$ {
            #    root           html;
            #    fastcgi_pass   127.0.0.1:9000;
            #    fastcgi_index  index.php;
            #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
            #    include        fastcgi_params;
            #}
    
            # deny access to .htaccess files, if Apache's document root
            # concurs with nginx's one
            #
            #location ~ /\.ht {
            #    deny  all;
            #}
        }
    
    
        # another virtual host using mix of IP-, name-, and port-based configuration
        #
        #server {
        #    listen       8000;
        #    listen       somename:8080;
        #    server_name  somename  alias  another.alias;
    
        #    location / {
        #        root   html;
        #        index  index.html index.htm;
        #    }
        #}
    
    
        # HTTPS server
        #
        #server {
        #    listen       443 ssl;
        #    server_name  localhost;
    
        #    ssl_certificate      cert.pem;
        #    ssl_certificate_key  cert.key;
    
        #    ssl_session_cache    shared:SSL:1m;
        #    ssl_session_timeout  5m;
    
        #    ssl_ciphers  HIGH:!aNULL:!MD5;
        #    ssl_prefer_server_ciphers  on;
    
        #    location / {
        #        root   html;
        #        index  index.html index.htm;
        #    }
        #}
    
    }
    

     
  2. eva2000

    eva2000 Administrator Staff Member

    30,938
    6,912
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,408
    Local Time:
    4:25 PM
    Nginx 1.13.x
    MariaDB 5.5
    Did you follow Getting Started Guide steps ?

    When you create a new nginx vhost domain via centmin.sh menu option 2 or menu option 22 or via /usr/bin/nv cli command line, you will create the Nginx vhost files and directories. You will get an outputted the path location where it will create the domain name's vhost conf file named newdomain.com.conf (and newdomain.com.ssl.conf if you selected yes to self signed SSL)
    • Nginx vhost conf path will be at /usr/local/nginx/conf/conf.d/newdomain.com.conf
    • Nginx HTTP/2 SSL vhost conf path will be at /usr/local/nginx/conf/conf.d/newdomain.com.ssl.conf
    • Nginx Self-Signed SSL Certificate Directory at /usr/local/nginx/conf/ssl/newdomain.com
    • Vhost public web root will be at /home/nginx/domains/newdomain.com/public
    • Vhost log directory will be at /home/nginx/domains/newdomain.com/log
    Please post the contents of /usr/local/nginx/conf/conf.d/newdomain.com.conf and if applicable /usr/local/nginx/conf/conf.d/newdomain.com.ssl.conf wrapped in CODE tags (outlined at How to use forum BBCODE code tags)
     
  3. chienb

    chienb New Member

    12
    2
    3
    Nov 27, 2016
    Ratings:
    +3
    Local Time:
    10:25 PM
    /usr/local/nginx/conf/conf.d only contains 4 files:
    • demodomain.com.conf
    • dlserv1.filesparq.com.ssl.conf
    • ssl.conf
    • virtual.conf

    dlserv1.filesparq.com.ssl.conf:
    Code:
    #x# HTTPS-DEFAULT
    server {
     
      server_name dlserv1.filesparq.com www.dlserv1.filesparq.com;
      return 302 https://$server_name$request_uri;
    }
    
    server {
      listen 443 ssl http2;
      server_name dlserv1.filesparq.com www.dlserv1.filesparq.com;
    
      include /usr/local/nginx/conf/ssl/dlserv1.filesparq.com/dlserv1.filesparq.com.crt.key.conf;
      include /usr/local/nginx/conf/ssl_include.conf;
    
      http2_max_field_size 16k;
      http2_max_header_size 32k;
      # mozilla recommended
      ssl_ciphers EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA256:EECDH+ECDSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA+SHA384:EECDH+AES128:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA:!CAMELLIA;
      ssl_prefer_server_ciphers   on;
      #add_header Alternate-Protocol  443:npn-spdy/3;
    
      # before enabling HSTS line below read centminmod.com/nginx_domain_dns_setup.html#hsts
      #add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";
      #add_header X-Frame-Options SAMEORIGIN;
      #add_header X-Xss-Protection "1; mode=block" always;
      #add_header X-Content-Type-Options "nosniff" always;
      #spdy_headers_comp 5;
      ssl_buffer_size 1369;
      ssl_session_tickets on;
     
      # enable ocsp stapling
      resolver 8.8.8.8 8.8.4.4 valid=10m;
      resolver_timeout 10s;
      ssl_stapling on;
      ssl_stapling_verify on;
    
    # ngx_pagespeed & ngx_pagespeed handler
    #include /usr/local/nginx/conf/pagespeed.conf;
    #include /usr/local/nginx/conf/pagespeedhandler.conf;
    #include /usr/local/nginx/conf/pagespeedstatslog.conf;
    
      # limit_conn limit_per_ip 16;
      # ssi  on;
    
      access_log /home/nginx/domains/dlserv1.filesparq.com/log/access.log combined buffer=256k flush=60m;
      error_log /home/nginx/domains/dlserv1.filesparq.com/log/error.log;
    
      include /usr/local/nginx/conf/autoprotect/dlserv1.filesparq.com/autoprotect-dlserv1.filesparq.com.conf;
      root /home/nginx/domains/dlserv1.filesparq.com/public;
      # uncomment cloudflare.conf include if using cloudflare for
      # server and/or vhost site
      #include /usr/local/nginx/conf/cloudflare.conf;
      include /usr/local/nginx/conf/503include-main.conf;
    
      location / {
      include /usr/local/nginx/conf/503include-only.conf;
    
    # block common exploits, sql injections etc
    #include /usr/local/nginx/conf/block.conf;
    
      # Enables directory listings when index file not found
      #autoindex  on;
    
      # Shows file listing times as local time
      #autoindex_localtime on;
    
      # Enable for vBulletin usage WITHOUT vbSEO installed
      # More example Nginx vhost configurations at
      # http://centminmod.com/nginx_configure.html
      #try_files    $uri $uri/ /index.php;
    
      }
    
      include /usr/local/nginx/conf/staticfiles.conf;
      include /usr/local/nginx/conf/php.conf;
      include /usr/local/nginx/conf/drop.conf;
      #include /usr/local/nginx/conf/errorpage.conf;
      include /usr/local/nginx/conf/vts_server.conf;
    }
    
    I also tried adding the following to nginx.default.conf:
    Code:
            location /filehost_dl {
                root   /home/nginx/domains/dlserv1.filesparq.com/public/filehost_dl;
                index  index.html index.htm index.php;
            }
     
  4. eva2000

    eva2000 Administrator Staff Member

    30,938
    6,912
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,408
    Local Time:
    4:25 PM
    Nginx 1.13.x
    MariaDB 5.5
  5. chienb

    chienb New Member

    12
    2
    3
    Nov 27, 2016
    Ratings:
    +3
    Local Time:
    10:25 PM
    changed and added the settings to dlserv1.filesparq.com.ssl.conf, restarted nginx, still getting 403.
     
  6. eva2000

    eva2000 Administrator Staff Member

    30,938
    6,912
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,408
    Local Time:
    4:25 PM
    Nginx 1.13.x
    MariaDB 5.5
    What's current contents of dlserv1.filesparq.com.ssl.conf ?
     
  7. chienb

    chienb New Member

    12
    2
    3
    Nov 27, 2016
    Ratings:
    +3
    Local Time:
    10:25 PM
    Code:
    #x# HTTPS-DEFAULT
    server {
     
      location /filehost_dl {
         root   /home/nginx/domains/dlserv1.filesparq.com/public/filehost_dl;
         index  index.html index.htm index.php;
      }
    
    }
    
    server {
     
      server_name dlserv1.filesparq.com www.dlserv1.filesparq.com;
      return 302 https://$server_name$request_uri;
    }
    
    server {
      listen 443 ssl http2;
      server_name dlserv1.filesparq.com www.dlserv1.filesparq.com;
    
      include /usr/local/nginx/conf/ssl/dlserv1.filesparq.com/dlserv1.filesparq.com.crt.key.conf;
      include /usr/local/nginx/conf/ssl_include.conf;
    
      http2_max_field_size 16k;
      http2_max_header_size 32k;
      # mozilla recommended
      ssl_ciphers EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA256:EECDH+ECDSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA+SHA384:EECDH+AES128:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA:!CAMELLIA;
      ssl_prefer_server_ciphers   on;
      #add_header Alternate-Protocol  443:npn-spdy/3;
    
      # before enabling HSTS line below read centminmod.com/nginx_domain_dns_setup.html#hsts
      #add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";
      #add_header X-Frame-Options SAMEORIGIN;
      #add_header X-Xss-Protection "1; mode=block" always;
      #add_header X-Content-Type-Options "nosniff" always;
      #spdy_headers_comp 5;
      ssl_buffer_size 1369;
      ssl_session_tickets on;
     
      # enable ocsp stapling
      resolver 8.8.8.8 8.8.4.4 valid=10m;
      resolver_timeout 10s;
      ssl_stapling on;
      ssl_stapling_verify on;
    
    # ngx_pagespeed & ngx_pagespeed handler
    #include /usr/local/nginx/conf/pagespeed.conf;
    #include /usr/local/nginx/conf/pagespeedhandler.conf;
    #include /usr/local/nginx/conf/pagespeedstatslog.conf;
    
      # limit_conn limit_per_ip 16;
      # ssi  on;
    
      access_log /home/nginx/domains/dlserv1.filesparq.com/log/access.log combined buffer=256k flush=60m;
      error_log /home/nginx/domains/dlserv1.filesparq.com/log/error.log;
    
      include /usr/local/nginx/conf/autoprotect/dlserv1.filesparq.com/autoprotect-dlserv1.filesparq.com.conf;
      root /home/nginx/domains/dlserv1.filesparq.com/public;
      # uncomment cloudflare.conf include if using cloudflare for
      # server and/or vhost site
      #include /usr/local/nginx/conf/cloudflare.conf;
      include /usr/local/nginx/conf/503include-main.conf;
    
      location / {
      include /usr/local/nginx/conf/503include-only.conf;
    
    # block common exploits, sql injections etc
    #include /usr/local/nginx/conf/block.conf;
    
      # Enables directory listings when index file not found
      #autoindex  on;
    
      # Shows file listing times as local time
      #autoindex_localtime on;
    
      # Enable for vBulletin usage WITHOUT vbSEO installed
      # More example Nginx vhost configurations at
      # http://centminmod.com/nginx_configure.html
      #try_files    $uri $uri/ /index.php;
    
      }
    
      include /usr/local/nginx/conf/staticfiles.conf;
      include /usr/local/nginx/conf/php.conf;
      include /usr/local/nginx/conf/drop.conf;
      #include /usr/local/nginx/conf/errorpage.conf;
      include /usr/local/nginx/conf/vts_server.conf;
    }
    
     
  8. eva2000

    eva2000 Administrator Staff Member

    30,938
    6,912
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,408
    Local Time:
    4:25 PM
    Nginx 1.13.x
    MariaDB 5.5
    you placed the code incorrectly
    Code (Text):
    #x# HTTPS-DEFAULT
    server {
    
      location /filehost_dl {
         root   /home/nginx/domains/dlserv1.filesparq.com/public/filehost_dl;
         index  index.html index.htm index.php;
      }
    
    }
    

    is all incorrect as you place only
    Code (Text):
      location /filehost_dl {
         root   /home/nginx/domains/dlserv1.filesparq.com/public/filehost_dl;
         index  index.html index.htm index.php;
      }
    

    within the existing http2 ssl server{} context in dlserv1.filesparq.com.ssl.conf so it becomes AND you probably don't need the line
    Code (Text):
        root   /home/nginx/domains/dlserv1.filesparq.com/public/filehost_dl;
    

    but because you server php from that location context /filehost_dl you need the php.conf include file include /usr/local/nginx/conf/php.conf too.

    so it becomes just
    Code (Text):
    #x# HTTPS-DEFAULT
    server {
     
      server_name dlserv1.filesparq.com www.dlserv1.filesparq.com;
      return 302 https://$server_name$request_uri;
    }
    
    server {
      listen 443 ssl http2;
      server_name dlserv1.filesparq.com www.dlserv1.filesparq.com;
    
      include /usr/local/nginx/conf/ssl/dlserv1.filesparq.com/dlserv1.filesparq.com.crt.key.conf;
      include /usr/local/nginx/conf/ssl_include.conf;
    
      http2_max_field_size 16k;
      http2_max_header_size 32k;
      # mozilla recommended
      ssl_ciphers EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA256:EECDH+ECDSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA+SHA384:EECDH+AES128:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA:!CAMELLIA;
      ssl_prefer_server_ciphers   on;
      #add_header Alternate-Protocol  443:npn-spdy/3;
    
      # before enabling HSTS line below read centminmod.com/nginx_domain_dns_setup.html#hsts
      #add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";
      #add_header X-Frame-Options SAMEORIGIN;
      #add_header X-Xss-Protection "1; mode=block" always;
      #add_header X-Content-Type-Options "nosniff" always;
      #spdy_headers_comp 5;
      ssl_buffer_size 1369;
      ssl_session_tickets on;
     
      # enable ocsp stapling
      resolver 8.8.8.8 8.8.4.4 valid=10m;
      resolver_timeout 10s;
      ssl_stapling on;
      ssl_stapling_verify on;
    
    # ngx_pagespeed & ngx_pagespeed handler
    #include /usr/local/nginx/conf/pagespeed.conf;
    #include /usr/local/nginx/conf/pagespeedhandler.conf;
    #include /usr/local/nginx/conf/pagespeedstatslog.conf;
    
      # limit_conn limit_per_ip 16;
      # ssi  on;
    
      access_log /home/nginx/domains/dlserv1.filesparq.com/log/access.log combined buffer=256k flush=60m;
      error_log /home/nginx/domains/dlserv1.filesparq.com/log/error.log;
    
      include /usr/local/nginx/conf/autoprotect/dlserv1.filesparq.com/autoprotect-dlserv1.filesparq.com.conf;
      root /home/nginx/domains/dlserv1.filesparq.com/public;
      # uncomment cloudflare.conf include if using cloudflare for
      # server and/or vhost site
      #include /usr/local/nginx/conf/cloudflare.conf;
      include /usr/local/nginx/conf/503include-main.conf;
    
      location / {
      include /usr/local/nginx/conf/503include-only.conf;
    
    # block common exploits, sql injections etc
    #include /usr/local/nginx/conf/block.conf;
    
      # Enables directory listings when index file not found
      #autoindex  on;
    
      # Shows file listing times as local time
      #autoindex_localtime on;
    
      # Enable for vBulletin usage WITHOUT vbSEO installed
      # More example Nginx vhost configurations at
      # http://centminmod.com/nginx_configure.html
      #try_files    $uri $uri/ /index.php;
    
      }
    
      location /filehost_dl {
         index  index.html index.htm index.php;
         include /usr/local/nginx/conf/php.conf;
      }
    
      include /usr/local/nginx/conf/staticfiles.conf;
      include /usr/local/nginx/conf/php.conf;
      include /usr/local/nginx/conf/drop.conf;
      #include /usr/local/nginx/conf/errorpage.conf;
      include /usr/local/nginx/conf/vts_server.conf;
    }
     
  9. chienb

    chienb New Member

    12
    2
    3
    Nov 27, 2016
    Ratings:
    +3
    Local Time:
    10:25 PM
    still 403... the error in log "access forbidden by rule" makes me wonder if there is something like DENY preventing access but couldn't find anything in any of the .conf blocks. the only thing i found is the DENY ALL in virtual.conf:

    Code:
    server {
    #         listen   80;
                listen   80 default_server backlog=2048 reuseport;
                server_name CC9;
                root   html;
    
            access_log              /var/log/nginx/localhost.access.log     main_ext buffer=256k flush=5m;
            error_log               /var/log/nginx/localhost.error.log      error;
    
    # ngx_pagespeed & ngx_pagespeed handler
    #include /usr/local/nginx/conf/pagespeed.conf;
    #include /usr/local/nginx/conf/pagespeedhandler.conf;
    #include /usr/local/nginx/conf/pagespeedstatslog.conf;
    
    # limit_conn limit_per_ip 16;
    # ssi  on;
    
            location /nginx_status {
            stub_status on;
            access_log   off;
            allow 127.0.0.1;
            #allow youripaddress;
            deny all;
            }
    
                location / {
    
    # block common exploits, sql injections etc
    #include /usr/local/nginx/conf/block.conf;
    
    #         Enables directory listings when index file not found
    #        autoindex  on;
    
    #        Shows file listing times as local time
    #        autoindex_localtime on;
    
    #        Enable for vBulletin usage WITHOUT vbSEO installed
    #        try_files        $uri $uri/ /index.php;
                
                }
    
            # example nginx-http-concat
            # /csstest/??one.css,two.css
            #location /csstest {
            #concat on;
            #concat_max_files 20;
            #}
    
    include /usr/local/nginx/conf/staticfiles.conf;
    include /usr/local/nginx/conf/include_opcache.conf;
    include /usr/local/nginx/conf/php.conf;
    #include /usr/local/nginx/conf/phpstatus.conf;
    include /usr/local/nginx/conf/drop.conf;
    #include /usr/local/nginx/conf/errorpage.conf;
    include /usr/local/nginx/conf/vts_mainserver.conf;
    
    }
     
  10. eva2000

    eva2000 Administrator Staff Member

    30,938
    6,912
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,408
    Local Time:
    4:25 PM
    Nginx 1.13.x
    MariaDB 5.5
    does /filehost_dl have an index.html or index.php file ? nginx by default gives 403 permission to directories which do not have a index file
     
  11. chienb

    chienb New Member

    12
    2
    3
    Nov 27, 2016
    Ratings:
    +3
    Local Time:
    10:25 PM
    /filehost_dl directory looks like this:
    • data (folder)
    • hosts (folder)
    • images (folder)
    • lang (folder)
    • skin (folder)
    .htaccess
    add.php
    ajax.js
    class.php
    config.php
    debug.php
    index.php
    login.php
    process.php
    readme.md

    index.php:
    PHP:
    <?php
    $using 
    = isset($_COOKIE['using']) ? $_COOKIE['using'] : 'default';
    $using = isset($_REQUEST['using']) ? $_REQUEST['using'] : $using;
    setcookie('using'$using);
    ob_start();
    ob_implicit_flush(TRUE);
    ignore_user_abort(0);
    if (!
    ini_get('safe_mode')) set_time_limit(30);
    define('vinaget''yes');
    require_once(
    'class.php');
    $obj = new stream_get();
    $obj->using $using;
    $obj->current_version 104;
    $obj->msg false;
    if (!empty(
    $_COOKIE['msg'])) $obj->msg htmlspecialchars($_COOKIE['msg']);
    setcookie('msg''');
    $host $obj->list_host;
    $skin "skin/{$obj->skin}";
    error_reporting($obj->display_error E_ALL 0);
    if (
    $obj->Deny == false){
        require_once(
    "{$skin}/function.php");
        if (isset(
    $_POST['urllist'])) $obj->main();
        elseif (isset(
    $_GET['infosv'])) showStat();
        elseif (!isset(
    $_POST['urllist'])) include("{$skin}/index.php");
    }
    else include(
    "{$skin}/login.php");
    ob_end_flush();
    ?>
    I tried deleting the .htaccess, but made no difference.
     
  12. eva2000

    eva2000 Administrator Staff Member

    30,938
    6,912
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,408
    Local Time:
    4:25 PM
    Nginx 1.13.x
    MariaDB 5.5
    check file permissions
    Code (Text):
    ls -lahR /home/nginx/domains/domain.com/public/filehost_dl 
     
  13. chienb

    chienb New Member

    12
    2
    3
    Nov 27, 2016
    Ratings:
    +3
    Local Time:
    10:25 PM
    Code:
    total 152K
    drwxrwxrwx 7 root  nginx 4.0K Nov 29 07:26 .
    drwxr-s--- 3 nginx nginx 4.0K Nov 28 22:04 ..
    -rwxrwxrwx 1 root  nginx 2.5K May 16  2016 add.php
    -rwxrwxrwx 1 root  nginx  15K May 16  2016 ajax.js
    -rwxrwxrwx 1 root  nginx  71K May 16  2016 class.php
    -rwxrwxrwx 1 root  nginx 1.7K May 16  2016 config.php
    drwxrwxrwx 3 root  nginx 4.0K Nov 28 22:04 data
    -rwxrwxrwx 1 root  nginx  835 May 16  2016 debug.php
    drwxrwxrwx 2 root  nginx 4.0K Nov 28 22:05 hosts
    -rw-r--r-- 1 root  nginx 1.5K May 16  2016 .htaccess
    drwxrwxrwx 2 root  nginx 4.0K Nov 28 22:05 images
    -rwxrwxrwx 1 root  nginx  900 May 16  2016 index.php
    drwxrwxrwx 2 root  nginx 4.0K Nov 28 22:05 lang
    -rwxrwxrwx 1 root  nginx 1.4K May 16  2016 login.php
    -rwxrwxrwx 1 root  nginx 3.3K May 16  2016 proccess.php
    -rw-r--r-- 1 root  nginx 1.9K May 16  2016 README.md
    drwxrwxrwx 4 root  nginx 4.0K Nov 28 22:05 skin
    -rw-r--r-- 1 root  nginx   23 Nov 28 21:02 test.html
    
    /home/nginx/domains/dlserv1.filesparq.com/public/filehost_dl/data:
    total 16K
    drwxrwxrwx 3 root nginx 4.0K Nov 28 22:04 .
    drwxrwxrwx 7 root nginx 4.0K Nov 29 07:26 ..
    -rw-r--r-- 1 root nginx    0 May 16  2016 account.dat
    -rw-r--r-- 1 root nginx    0 May 16  2016 config.dat
    -rw-r--r-- 1 root nginx    0 May 16  2016 cookie.dat
    drwxr-sr-x 2 root nginx 4.0K Nov 28 22:05 files
    -rw-r--r-- 1 root nginx   62 May 16  2016 index.php
    -rw-r--r-- 1 root nginx    0 May 16  2016 log.txt
    -rw-r--r-- 1 root nginx    0 May 16  2016 online.dat
    
    /home/nginx/domains/dlserv1.filesparq.com/public/filehost_dl/data/files:
    total 12K
    drwxr-sr-x 2 root nginx 4.0K Nov 28 22:05 .
    drwxrwxrwx 3 root nginx 4.0K Nov 28 22:04 ..
    -rw-r--r-- 1 root nginx   62 May 16  2016 index.php
    
    /home/nginx/domains/dlserv1.filesparq.com/public/filehost_dl/images:
    total 220K
    drwxrwxrwx 2 root nginx 4.0K Nov 28 22:05 .
    drwxrwxrwx 7 root nginx 4.0K Nov 29 07:26 ..
    -rw-r--r-- 1 root nginx 2.8K May 16  2016 bglist.png
    -rw-r--r-- 1 root nginx 1.1K May 16  2016 button_bg1.gif
    -rw-r--r-- 1 root nginx 1014 May 16  2016 button_bg2.gif
    -rw-r--r-- 1 root nginx  717 May 16  2016 button_bg3.gif
    -rw-r--r-- 1 root nginx 1.9K May 16  2016 chk_error.png
    -rw-r--r-- 1 root nginx  162 May 16  2016 chk_good.png
    -rw-r--r-- 1 root nginx 3.7K May 16  2016 error.png
    -rw-r--r-- 1 root nginx  92K May 16  2016 jquery-1.7.1.min.js
    -rw-r--r-- 1 root nginx  847 May 16  2016 loading_black.gif
    -rw-r--r-- 1 root nginx  11K May 16  2016 loading.gif
    -rw-r--r-- 1 root nginx  847 May 16  2016 loading_white.gif
    -rw-r--r-- 1 root nginx 6.1K May 16  2016 sprintf.js
    -rw-r--r-- 1 root nginx 6.7K May 16  2016 success.png
    -rw-r--r-- 1 root nginx  27K May 16  2016 Thumbs.db
    -rw-r--r-- 1 root nginx 8.9K May 16  2016 vngicon.png
    -rw-r--r-- 1 root nginx 9.6K May 16  2016 ZeroClipboard.js
    -rw-r--r-- 1 root nginx 1.1K May 16  2016 ZeroClipboard.swf
    
    /home/nginx/domains/dlserv1.filesparq.com/public/filehost_dl/lang:
    total 72K
    drwxrwxrwx 2 root nginx 4.0K Nov 28 22:05 .
    drwxrwxrwx 7 root nginx 4.0K Nov 29 07:26 ..
    -rw-r--r-- 1 root nginx 5.0K May 16  2016 english.php
    -rw-r--r-- 1 root nginx 5.4K May 16  2016 german.php
    -rw-r--r-- 1 root nginx 5.2K May 16  2016 italian.php
    -rw-r--r-- 1 root nginx 5.1K May 16  2016 polish.php
    -rw-r--r-- 1 root nginx 5.2K May 16  2016 portuguese.php
    -rw-r--r-- 1 root nginx 5.5K May 16  2016 spanish.php
    -rw-r--r-- 1 root nginx 6.2K May 16  2016 turkish.php
    -rw-r--r-- 1 root nginx 6.1K May 16  2016 vietnamese.php
    
    /home/nginx/domains/dlserv1.filesparq.com/public/filehost_dl/skin:
    total 16K
    drwxrwxrwx 4 root nginx 4.0K Nov 28 22:05 .
    drwxrwxrwx 7 root nginx 4.0K Nov 29 07:26 ..
    drwxr-sr-x 6 root nginx 4.0K Nov 28 22:06 bootstrap
    drwxrwxrwx 2 root nginx 4.0K Nov 28 22:06 default
    
    /home/nginx/domains/dlserv1.filesparq.com/public/filehost_dl/skin/bootstrap:
    total 60K
    drwxr-sr-x 6 root nginx 4.0K Nov 28 22:06 .
    drwxrwxrwx 4 root nginx 4.0K Nov 28 22:05 ..
    -rw-r--r-- 1 root nginx 6.2K May 16  2016 admin.php
    -rw-r--r-- 1 root nginx 4.2K May 16  2016 checkaccount.php
    drwxr-sr-x 2 root nginx 4.0K Nov 28 22:06 css
    -rw-r--r-- 1 root nginx 2.5K May 16  2016 function.php
    drwxr-sr-x 2 root nginx 4.0K Nov 28 22:06 icons
    drwxr-sr-x 2 root nginx 4.0K Nov 28 22:06 img
    -rw-r--r-- 1 root nginx  12K May 16  2016 index.php
    drwxr-sr-x 2 root nginx 4.0K Nov 28 22:06 js
    -rw-r--r-- 1 root nginx 3.3K May 16  2016 login.php
    
    /home/nginx/domains/dlserv1.filesparq.com/public/filehost_dl/skin/bootstrap/css:
    total 132K
    drwxr-sr-x 2 root nginx 4.0K Nov 28 22:06 .
    drwxr-sr-x 6 root nginx 4.0K Nov 28 22:06 ..
    -rw-r--r-- 1 root nginx 124K May 16  2016 bootstrap.min.css
    
    /home/nginx/domains/dlserv1.filesparq.com/public/filehost_dl/skin/bootstrap/icons:
    total 12K
    drwxr-sr-x 2 root nginx 4.0K Nov 28 22:06 .
    drwxr-sr-x 6 root nginx 4.0K Nov 28 22:06 ..
    -rw-r--r-- 1 root nginx  623 May 16  2016 datafile.com.png
    
    /home/nginx/domains/dlserv1.filesparq.com/public/filehost_dl/skin/bootstrap/img:
    total 36K
    drwxr-sr-x 2 root nginx 4.0K Nov 28 22:06 .
    drwxr-sr-x 6 root nginx 4.0K Nov 28 22:06 ..
    -rw-r--r-- 1 root nginx  13K May 16  2016 glyphicons-halflings.png
    -rw-r--r-- 1 root nginx 8.6K May 16  2016 glyphicons-halflings-white.png
    
    /home/nginx/domains/dlserv1.filesparq.com/public/filehost_dl/skin/bootstrap/js:
    total 40K
    drwxr-sr-x 2 root nginx 4.0K Nov 28 22:06 .
    drwxr-sr-x 6 root nginx 4.0K Nov 28 22:06 ..
    -rw-r--r-- 1 root nginx  29K May 16  2016 bootstrap.min.js
    
    /home/nginx/domains/dlserv1.filesparq.com/public/filehost_dl/skin/default:
    total 56K
    drwxrwxrwx 2 root nginx 4.0K Nov 28 22:06 .
    drwxrwxrwx 4 root nginx 4.0K Nov 28 22:05 ..
    -rwxrwxrwx 1 root nginx 6.4K May 16  2016 admin.php
    -rwxrwxrwx 1 root nginx 4.2K May 16  2016 checkaccount.php
    -rwxrwxrwx 1 root nginx 1.5K May 16  2016 function.php
    -rwxrwxrwx 1 root nginx  12K May 16  2016 index.php
    -rwxrwxrwx 1 root nginx 4.6K May 16  2016 login.php
    -rwxrwxrwx 1 root nginx 4.1K May 16  2016 rl_style_pm.css
     
  14. eva2000

    eva2000 Administrator Staff Member

    30,938
    6,912
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,408
    Local Time:
    4:25 PM
    Nginx 1.13.x
    MariaDB 5.5
    set nginx user/group permissions
    Code (Text):
    chown -R nginx:nginx /home/nginx/domains/dlserv1.filesparq.com/public/filehost_dl

    probably can do for entire site
    Code (Text):
    chown -R nginx:nginx /home/nginx/domains/dlserv1.filesparq.com/public
     
  15. chienb

    chienb New Member

    12
    2
    3
    Nov 27, 2016
    Ratings:
    +3
    Local Time:
    10:25 PM
    still the same unfortunately...
     
  16. eva2000

    eva2000 Administrator Staff Member

    30,938
    6,912
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,408
    Local Time:
    4:25 PM
    Nginx 1.13.x
    MariaDB 5.5
    re-check file permissions
    Code (Text):
    ls -lahR /home/nginx/domains/domain.com/public/filehost_dl 
     
  17. eva2000

    eva2000 Administrator Staff Member

    30,938
    6,912
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,408
    Local Time:
    4:25 PM
    Nginx 1.13.x
    MariaDB 5.5
    could be related to the auto protect Beta Branch - autoprotect.sh - apache .htaccess check & migration to nginx deny all | Centmin Mod Community include file
    Code (Text):
    include /usr/local/nginx/conf/autoprotect/dlserv1.filesparq.com/autoprotect-dlserv1.filesparq.com.conf;
    

    What's it's contents
    Code (Text):
    cat /usr/local/nginx/conf/autoprotect/dlserv1.filesparq.com/autoprotect-dlserv1.filesparq.com.conf
    

    you can exclude the directory from autoprotect as outlined at Beta Branch - autoprotect.sh - apache .htaccess check & migration to nginx deny all | Centmin Mod Community

    create an empty .autoprotect-bypass file at /home/nginx/domains/domain.com/public/filehost_dl using touch command and from Nginx - subdirectory php script 403 forbidden on nginx? also exclude /filehost_dl/hosts/
    Code (Text):
    touch /home/nginx/domains/domain.com/public/filehost_dl/.autoprotect-bypass
    touch /home/nginx/domains/domain.com/public/filehost_dl/hosts/.autoprotect-bypass
    

    then re-run manually the script
    Code (Text):
    /usr/local/src/centminmod/tools/autoprotect.sh
    

    which will regenerate up to date /usr/local/nginx/conf/autoprotect/dlserv1.filesparq.com/autoprotect-dlserv1.filesparq.com.conf include file
     
    Last edited: Nov 29, 2016
  18. chienb

    chienb New Member

    12
    2
    3
    Nov 27, 2016
    Ratings:
    +3
    Local Time:
    10:25 PM
    Code:
    /home/nginx/domains/dlserv1.filesparq.com/public/filehost_dl:
    total 152K
    drwxrwxrwx 7 nginx nginx 4.0K Nov 29 07:26 .
    drwxr-s--- 3 nginx nginx 4.0K Nov 28 22:04 ..
    -rwxrwxrwx 1 nginx nginx 2.5K May 16  2016 add.php
    -rwxrwxrwx 1 nginx nginx  15K May 16  2016 ajax.js
    -rwxrwxrwx 1 nginx nginx  71K May 16  2016 class.php
    -rwxrwxrwx 1 nginx nginx 1.7K May 16  2016 config.php
    drwxrwxrwx 3 nginx nginx 4.0K Nov 28 22:04 data
    -rwxrwxrwx 1 nginx nginx  835 May 16  2016 debug.php
    drwxrwxrwx 2 nginx nginx 4.0K Nov 28 22:05 hosts
    -rw-r--r-- 1 nginx nginx 1.5K May 16  2016 .htaccess
    drwxrwxrwx 2 nginx nginx 4.0K Nov 28 22:05 images
    -rwxrwxrwx 1 nginx nginx  900 May 16  2016 index.php
    drwxrwxrwx 2 nginx nginx 4.0K Nov 28 22:05 lang
    -rwxrwxrwx 1 nginx nginx 1.4K May 16  2016 login.php
    -rwxrwxrwx 1 nginx nginx 3.3K May 16  2016 proccess.php
    -rw-r--r-- 1 nginx nginx 1.9K May 16  2016 README.md
    drwxrwxrwx 4 nginx nginx 4.0K Nov 28 22:05 skin
    -rw-r--r-- 1 nginx nginx   23 Nov 28 21:02 test.html
    
    /home/nginx/domains/dlserv1.filesparq.com/public/filehost_dl/data:
    total 16K
    drwxrwxrwx 3 nginx nginx 4.0K Nov 28 22:04 .
    drwxrwxrwx 7 nginx nginx 4.0K Nov 29 07:26 ..
    -rw-r--r-- 1 nginx nginx    0 May 16  2016 account.dat
    -rw-r--r-- 1 nginx nginx    0 May 16  2016 config.dat
    -rw-r--r-- 1 nginx nginx    0 May 16  2016 cookie.dat
    drwxr-sr-x 2 nginx nginx 4.0K Nov 28 22:05 files
    -rw-r--r-- 1 nginx nginx   62 May 16  2016 index.php
    -rw-r--r-- 1 nginx nginx    0 May 16  2016 log.txt
    -rw-r--r-- 1 nginx nginx    0 May 16  2016 online.dat
    
    /home/nginx/domains/dlserv1.filesparq.com/public/filehost_dl/data/files:
    total 12K
    drwxr-sr-x 2 nginx nginx 4.0K Nov 28 22:05 .
    drwxrwxrwx 3 nginx nginx 4.0K Nov 28 22:04 ..
    -rw-r--r-- 1 nginx nginx   62 May 16  2016 index.php
    
    /home/nginx/domains/dlserv1.filesparq.com/public/filehost_dl/images:
    total 220K
    drwxrwxrwx 2 nginx nginx 4.0K Nov 28 22:05 .
    drwxrwxrwx 7 nginx nginx 4.0K Nov 29 07:26 ..
    -rw-r--r-- 1 nginx nginx 2.8K May 16  2016 bglist.png
    -rw-r--r-- 1 nginx nginx 1.1K May 16  2016 button_bg1.gif
    -rw-r--r-- 1 nginx nginx 1014 May 16  2016 button_bg2.gif
    -rw-r--r-- 1 nginx nginx  717 May 16  2016 button_bg3.gif
    -rw-r--r-- 1 nginx nginx 1.9K May 16  2016 chk_error.png
    -rw-r--r-- 1 nginx nginx  162 May 16  2016 chk_good.png
    -rw-r--r-- 1 nginx nginx 3.7K May 16  2016 error.png
    -rw-r--r-- 1 nginx nginx  92K May 16  2016 jquery-1.7.1.min.js
    -rw-r--r-- 1 nginx nginx  847 May 16  2016 loading_black.gif
    -rw-r--r-- 1 nginx nginx  11K May 16  2016 loading.gif
    -rw-r--r-- 1 nginx nginx  847 May 16  2016 loading_white.gif
    -rw-r--r-- 1 nginx nginx 6.1K May 16  2016 sprintf.js
    -rw-r--r-- 1 nginx nginx 6.7K May 16  2016 success.png
    -rw-r--r-- 1 nginx nginx  27K May 16  2016 Thumbs.db
    -rw-r--r-- 1 nginx nginx 8.9K May 16  2016 vngicon.png
    -rw-r--r-- 1 nginx nginx 9.6K May 16  2016 ZeroClipboard.js
    -rw-r--r-- 1 nginx nginx 1.1K May 16  2016 ZeroClipboard.swf
    
    /home/nginx/domains/dlserv1.filesparq.com/public/filehost_dl/lang:
    total 72K
    drwxrwxrwx 2 nginx nginx 4.0K Nov 28 22:05 .
    drwxrwxrwx 7 nginx nginx 4.0K Nov 29 07:26 ..
    -rw-r--r-- 1 nginx nginx 5.0K May 16  2016 english.php
    -rw-r--r-- 1 nginx nginx 5.4K May 16  2016 german.php
    -rw-r--r-- 1 nginx nginx 5.2K May 16  2016 italian.php
    -rw-r--r-- 1 nginx nginx 5.1K May 16  2016 polish.php
    -rw-r--r-- 1 nginx nginx 5.2K May 16  2016 portuguese.php
    -rw-r--r-- 1 nginx nginx 5.5K May 16  2016 spanish.php
    -rw-r--r-- 1 nginx nginx 6.2K May 16  2016 turkish.php
    -rw-r--r-- 1 nginx nginx 6.1K May 16  2016 vietnamese.php
    
    /home/nginx/domains/dlserv1.filesparq.com/public/filehost_dl/skin:
    total 16K
    drwxrwxrwx 4 nginx nginx 4.0K Nov 28 22:05 .
    drwxrwxrwx 7 nginx nginx 4.0K Nov 29 07:26 ..
    drwxr-sr-x 6 nginx nginx 4.0K Nov 28 22:06 bootstrap
    drwxrwxrwx 2 nginx nginx 4.0K Nov 28 22:06 default
    
    /home/nginx/domains/dlserv1.filesparq.com/public/filehost_dl/skin/bootstrap:
    total 60K
    drwxr-sr-x 6 nginx nginx 4.0K Nov 28 22:06 .
    drwxrwxrwx 4 nginx nginx 4.0K Nov 28 22:05 ..
    -rw-r--r-- 1 nginx nginx 6.2K May 16  2016 admin.php
    -rw-r--r-- 1 nginx nginx 4.2K May 16  2016 checkaccount.php
    drwxr-sr-x 2 nginx nginx 4.0K Nov 28 22:06 css
    -rw-r--r-- 1 nginx nginx 2.5K May 16  2016 function.php
    drwxr-sr-x 2 nginx nginx 4.0K Nov 28 22:06 icons
    drwxr-sr-x 2 nginx nginx 4.0K Nov 28 22:06 img
    -rw-r--r-- 1 nginx nginx  12K May 16  2016 index.php
    drwxr-sr-x 2 nginx nginx 4.0K Nov 28 22:06 js
    -rw-r--r-- 1 nginx nginx 3.3K May 16  2016 login.php
    
    /home/nginx/domains/dlserv1.filesparq.com/public/filehost_dl/skin/bootstrap/css:
    total 132K
    drwxr-sr-x 2 nginx nginx 4.0K Nov 28 22:06 .
    drwxr-sr-x 6 nginx nginx 4.0K Nov 28 22:06 ..
    -rw-r--r-- 1 nginx nginx 124K May 16  2016 bootstrap.min.css
    
    /home/nginx/domains/dlserv1.filesparq.com/public/filehost_dl/skin/bootstrap/icons:
    total 12K
    drwxr-sr-x 2 nginx nginx 4.0K Nov 28 22:06 .
    drwxr-sr-x 6 nginx nginx 4.0K Nov 28 22:06 ..
    -rw-r--r-- 1 nginx nginx  623 May 16  2016 datafile.com.png
    
    /home/nginx/domains/dlserv1.filesparq.com/public/filehost_dl/skin/bootstrap/img:
    total 36K
    drwxr-sr-x 2 nginx nginx 4.0K Nov 28 22:06 .
    drwxr-sr-x 6 nginx nginx 4.0K Nov 28 22:06 ..
    -rw-r--r-- 1 nginx nginx  13K May 16  2016 glyphicons-halflings.png
    -rw-r--r-- 1 nginx nginx 8.6K May 16  2016 glyphicons-halflings-white.png
    
    /home/nginx/domains/dlserv1.filesparq.com/public/filehost_dl/skin/bootstrap/js:
    total 40K
    drwxr-sr-x 2 nginx nginx 4.0K Nov 28 22:06 .
    drwxr-sr-x 6 nginx nginx 4.0K Nov 28 22:06 ..
    -rw-r--r-- 1 nginx nginx  29K May 16  2016 bootstrap.min.js
    
    /home/nginx/domains/dlserv1.filesparq.com/public/filehost_dl/skin/default:
    total 56K
    drwxrwxrwx 2 nginx nginx 4.0K Nov 28 22:06 .
    drwxrwxrwx 4 nginx nginx 4.0K Nov 28 22:05 ..
    -rwxrwxrwx 1 nginx nginx 6.4K May 16  2016 admin.php
    -rwxrwxrwx 1 nginx nginx 4.2K May 16  2016 checkaccount.php
    -rwxrwxrwx 1 nginx nginx 1.5K May 16  2016 function.php
    -rwxrwxrwx 1 nginx nginx  12K May 16  2016 index.php
    -rwxrwxrwx 1 nginx nginx 4.6K May 16  2016 login.php
    -rwxrwxrwx 1 nginx nginx 4.1K May 16  2016 rl_style_pm.css
    
     
  19. chienb

    chienb New Member

    12
    2
    3
    Nov 27, 2016
    Ratings:
    +3
    Local Time:
    10:25 PM
    Code:
    # https://community.centminmod.com/posts/35394/
    # /home/nginx/domains/dlserv1.filesparq.com/public/filehost_dl/hosts
    
    location /filehost_dl/hosts/ {
      location ~ ^/filehost_dl/hosts/(.+/)?(.+)\.(js)$ { allow all; expires 30d; }
      location ~ ^/filehost_dl/hosts/(.+/)?(.+)\.(css)$ { allow all; expires 30d; }
      location ~ ^/filehost_dl/hosts/(.+/)?(.+)\.(gif|jpe?g|png|webp|eot|svg|ttf|woff|woff)$ { allow all; expires 30d; }
      location ~ ^/filehost_dl/hosts/(.+/)?(.+)\.(php|cgi|pl|php3|php4|php5|php6|phtml|shtml)$ { allow 127.0.0.1; deny all; }
    }
    
    # https://community.centminmod.com/posts/35394/
    # /home/nginx/domains/dlserv1.filesparq.com/public/filehost_dl
    
    location /filehost_dl/ {
      location ~ ^/filehost_dl/(.+/)?(.+)\.(js)$ { allow all; expires 30d; }
      location ~ ^/filehost_dl/(.+/)?(.+)\.(css)$ { allow all; expires 30d; }
      location ~ ^/filehost_dl/(.+/)?(.+)\.(gif|jpe?g|png|webp|eot|svg|ttf|woff|woff)$ { allow all; expires 30d; }
      location ~ ^/filehost_dl/(.+/)?(.+)\.(php|cgi|pl|php3|php4|php5|php6|phtml|shtml)$ { allow 127.0.0.1; deny all; }
    }
    
     
  20. eva2000

    eva2000 Administrator Staff Member

    30,938
    6,912
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,408
    Local Time:
    4:25 PM
    Nginx 1.13.x
    MariaDB 5.5