Getting a "403 access denied" error instead of serving file (using django, gunicorn nginx)

Posted by Finglish on Server Fault See other posts from Server Fault or by Finglish
Published on 2012-09-18T12:11:09Z Indexed on 2012/09/18 15:41 UTC
Read the original article Hit count: 358

Filed under:
|
|
|
|

Getting a "403 access denied" error instead of serving file (using django, gunicorn nginx)

I am attempting to use nginx to serve private files from django. For X-Access-Redirect settings I followed the following guide

http://www.chicagodjango.com/blog/permission-based-file-serving/

Here is my site config file (/etc/nginx/site-available/sitename):

server {
    listen 80;
    listen 443 default_server ssl;

    server_name localhost;

    client_max_body_size    50M;

    ssl_certificate /home/user/site.crt;
    ssl_certificate_key /home/user/site.key;

    access_log /home/user/nginx/access.log;
    error_log  /home/user/nginx/error.log;

    location / {
           access_log /home/user/gunicorn/access.log;
           error_log /home/user/gunicorn/error.log;
           alias /path_to/app;
           proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
           proxy_set_header Host $http_host;
           proxy_redirect off;
           proxy_set_header X-Real-IP $remote_addr;
           proxy_set_header X-Scheme $scheme;
           proxy_pass http://127.0.0.1:8000;
           proxy_connect_timeout 100s;
           proxy_send_timeout 100s;
           proxy_read_timeout 100s;
    }

    location /protected/ {
            internal;
            alias /home/user/protected;
    }
}

I then tried using the following in my django view to test the download:

response = HttpResponse()
response['Content-Type'] = "application/zip"
response['X-Accel-Redirect'] = '/protected/test.zip'
return response

but instead of the file download I get:

403 Forbidden
nginx/1.1.19

Please note: I have removed all the personal data from the the config file, so if there are any obvious mistakes not related to my error that is probably why.

My nginx error log gives me the following:

2012/09/18 13:44:36 [error] 23705#0: *44 directory index of "/home/user/protected/" is forbidden, client: 80.221.147.225, server: localhost, request: "GET /icbdazzled/tmpdir/ HTTP/1.1", host: "www.icb.fi"

© Server Fault or respective owner

Related posts about nginx

Related posts about redirect