Saturday, 20 September 2014

Sorting out 403 and "directory index of * is forbidden" in a nginx deployment of a rails application

I deployed a rails 4 application on Digital Ocean Ubuntu instance using Capistrano, Nginx, Passenger by following this recipe.

I set up the server block to listen on a non-standard port:

server {

        listen                        3001;
        server_name  ;
        root                          /home/deploy/appmate/current/public;
        passenger_enabled  on;
        passenger_ruby       /home/deploy/.rvm/gems/ruby-2.1.2/wrappers/ruby;
        rails_env production;


This worked okay.

However, when I tried to set the same application on port 80 I stumbled upon HTTP 403.

The server block for port 80 was set up automatically and I just added/changed the root and the passenger/rails lines. I left the other original content there:

server {
        listen 80 default_server;
        listen [::]:80 default_server ipv6only=on;

        passenger_enabled on;
        passenger_ruby     /home/deploy/.rvm/gems/ruby-2.1.2/wrappers/ruby;
        rails_env production;

        root   /home/deploy/appmate/current/public;
        ##root /usr/share/nginx/html;
        ##index index.html index.htm;

        # Make site accessible from http://localhost/
        server_name localhost;

        location / {
                # First attempt to serve request as file, then
                # as directory, then fall back to displaying a 404.
               try_files $uri $uri/ =404;
                # Uncomment to enable naxsi on this location
                # include /etc/nginx/naxsi.rules


The error message I found in


was the same I found earler: "directory index of "/home/deploy/appmate/current/public/" is forbidden". Back than I resolved the issue by changing the privileges of the parent directories. So there was no reason I had to do that again!

With a bit of googling I found the culprit in the location block. By following this recipe. I removed  $uri/ from the try_files command. I started getting 404 instead of 403. When I removed the whole location block all error messages disappeared.