# How to configure nginx?

## pmam

I am trying to build Home webserver - I installed nginx according this: http://wiki.gentoo.org/wiki/Nginx

and it looks ok - all testing noted in Troubleshooting chapter passed ok.

But when I am trying to access with web browser to the http://localhost I get an error: '403 Forbidden' - 

It looks that need to adjust /etc/nginx/nginx.conf to my local host data - here the default config:

```
server {

                listen 127.0.0.1;

                server_name localhost;

 

                access_log /var/log/nginx/localhost.access_log main;

                error_log /var/log/nginx/localhost.error_log info;

 

                root /var/www/localhost/htdocs;
```

Maybe there is a permission issue?

In addition - I saw in other docs (non-Gentoo) - that need to set /etc/nginx/sites-available and /etc/nginx/sites-enabled - 

I did not see any comment in above Gentoo's wiki - If need it please, explain or point me to relevant link?

----------

## Hu

What does the nginx error log show?

----------

## pmam

Hu Hello,

Here localhost.error_log and one line of localhost.access_log:

```
2015/03/17 19:03:50 [info] 5463#0: *1 client 127.0.0.1 closed keepalive connection

2015/03/17 19:08:18 [error] 5596#0: *1 directory index of "/var/www/localhost/htdocs/" is forbidden, client: 127.0.0.1, server: localhost, request: "GET / HTTP/1.1", host: "localhost"

2015/03/17 19:08:38 [info] 5596#0: *1 client 127.0.0.1 closed keepalive connection

2015/03/17 19:09:15 [error] 5670#0: *1 directory index of "/home/mg/" is forbidden, client: 127.0.0.1, server: localhost, request: "GET / HTTP/1.1", host: "localhost"

2015/03/17 19:09:19 [error] 5670#0: *1 directory index of "/home/mg/" is forbidden, client: 127.0.0.1, server: localhost, request: "GET / HTTP/1.1", host: "localhost"

2015/03/17 19:09:40 [info] 5670#0: *1 client 127.0.0.1 closed keepalive connection

2015/03/18 12:09:28 [error] 2368#0: *1 directory index of "/var/www/localhost/htdocs/" is forbidden, client: 127.0.0.1, server: localhost, request: "GET / HTTP/1.1", host: "localhost"

2015/03/18 12:09:49 [info] 2368#0: *1 client 127.0.0.1 closed keepalive connection
```

```
127.0.0.1 - - [19/Mar/2015:21:55:41 +0200] "GET / HTTP/1.1" 403 346 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:34.0) Gecko/20100101 Firefox/34.0 SeaMonkey/2.31" "-"
```

Thanks

----------

## Ant P.

You haven't enabled the directory index module for that path and you have no index files for nginx to display. It's working exactly as it's supposed to.

----------

## Naib

what are the permissions and owners for: /var/www/localhost/htdocs

```

ls -l

total 4

drwxr-xr-x 4 nginx nginx 4096 Aug 13  2013 localhost
```

----------

## pmam

Ant P. & Naib,

According your replies I see that I miss something... I thought all directories has been set by installation.

This is the first time I am building webserver so please try to be much detailed as you can - 

Please correct me if I am wrong:

In order to test virtual localhost, according the default config, need to create a directory called:

/var/www/localhost/htdocs and add a new user called nginx and set permissions - Please note the right command for this permissions?

Please advise what need to do regarding 'index module' - 

need to create directory or file called index under /var/www/localhost/htdocs? 

Can you recommend on more detailed wiki? 

Thanks

----------

## pmam

Ok – I see that nginx's installation has already created /var/www/localhost/htdocs directory,

and added group and user called nginx, with the appropriated permissions -

so I only needed to add a file called index.html under that directory, as Ant P. suggested, with some text like: 

```
<html> 

<head> 

<title>www.example.com</title> 

</head> 

<body> 

<h1>Success: You Have Set Up a Virtual Host</h1> 

</body> 

</html>
```

and I can access and see this message. 

I would recommend to add such file to installation – It would save me some time, and to you, as well...

Now I need to learn and carefully consider all security aspects, in order to be in the safe side, before meeting the big bad Internet... 

I would appreciate tips and  recommendations of a good links for a 'security beginner' like me.

Thanks you all

----------

## Ant P.

As long as it's only serving static files there won't be security problems, you'd have to do a lot of work to make it unsafe.

----------

## pmam

 *Quote:*   

> As long as it's only serving static files there won't be security problems

 

I see that dynamic files, means database and all maintenance scripts, PHP etc, but - 

If I have 'Sign in' and 'Login' module -Is it still 'static' or 'dynamic'?  

I have a simple setup: NAT router with LAN - 

Please let me know if I need to read 'Gentoo Security Handbook' with the relevant issues, like:

File Permissions, Firewall, Ports Forwarding etc - or it is not quite necessary?   

Thanks

----------

## charles17

 *pmam wrote:*   

> Ok – I see that nginx's installation has already created /var/www/localhost/htdocs directory,
> 
> and added group and user called nginx, with the appropriated permissions -
> 
> so I only needed to add a file called index.html under that directory, as Ant P. suggested, with some text like: 
> ...

 Pmam,

It's all well described in the docs.  And gninx also has its own forum where you'll find much useful help and information.

----------

## rodia

Hi all,

Pmam, yes this absence of index static file could be confusing but I guess it forces, for good, to go through the nginx docs as charles17 linked.

I think you were expected something more like an empty index listing showing the root directory and for this you have the autoindex module: 

autoindex on;

```
server {

                listen 127.0.0.1;

                server_name localhost;

                root /var/www/localhost/htdocs;

                autoindex on;

#...

}

```

Just adding some useful info to that thread that I didn't find very easily the first time I was setting up nginx.

----------

