Getting a "403 access denied" error instead of serving file (using django, gunicorn nginx)
Posted
by
Finglish
on Server Fault
See other posts from Server Fault
or by Finglish
Published on 2012-09-18T12:11:09Z
Indexed on
2012/09/18
15:41 UTC
Read the original article
Hit count: 358
Getting a "403 access denied" error instead of serving file (using django, gunicorn nginx)
I am attempting to use nginx to serve private files from django. For X-Access-Redirect settings I followed the following guide
http://www.chicagodjango.com/blog/permission-based-file-serving/
Here is my site config file (/etc/nginx/site-available/sitename):
server {
listen 80;
listen 443 default_server ssl;
server_name localhost;
client_max_body_size 50M;
ssl_certificate /home/user/site.crt;
ssl_certificate_key /home/user/site.key;
access_log /home/user/nginx/access.log;
error_log /home/user/nginx/error.log;
location / {
access_log /home/user/gunicorn/access.log;
error_log /home/user/gunicorn/error.log;
alias /path_to/app;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Scheme $scheme;
proxy_pass http://127.0.0.1:8000;
proxy_connect_timeout 100s;
proxy_send_timeout 100s;
proxy_read_timeout 100s;
}
location /protected/ {
internal;
alias /home/user/protected;
}
}
I then tried using the following in my django view to test the download:
response = HttpResponse()
response['Content-Type'] = "application/zip"
response['X-Accel-Redirect'] = '/protected/test.zip'
return response
but instead of the file download I get:
403 Forbidden
nginx/1.1.19
Please note: I have removed all the personal data from the the config file, so if there are any obvious mistakes not related to my error that is probably why.
My nginx error log gives me the following:
2012/09/18 13:44:36 [error] 23705#0: *44 directory index of "/home/user/protected/" is forbidden, client: 80.221.147.225, server: localhost, request: "GET /icbdazzled/tmpdir/ HTTP/1.1", host: "www.icb.fi"
© Server Fault or respective owner