In Nginx, it has to be autoindex or directory forbidden error? In Nginx, it has to be autoindex or directory forbidden error? nginx nginx

In Nginx, it has to be autoindex or directory forbidden error?


you have the following set:

index        index.php index.html index.htm;

That means that when autoindex is off your webserver will for each request for a directory path:

  1. look for an index.php in that directory, and return that if found
  2. if an index.php was not found it will look for an index.html and return that
  3. if an index.html is also not found it will return an index.htm
  4. if that isn't found either it will return a 403

so if you want to avoid the 403 error page you need to set up either index.php, index.html or index htm in that directory.

Alternatively you could set error_page 403 some_page.html; to return a 403 result that looks different.


Return an index page or a 403 error are not the sole alternatives for a directory. For example, sometimes, a 404 error is more appropriate. Especially when you want to hide a folder.

In this case, there is an elegant way to do whatever you want:

# Create a fictive location which does what you want (404 here) location /404/ {    internal;    return 404;}# Use this fictive location as a folder index. That's all.index /404/;

The directory Index requests will be handled by the (fictive) '/404/' internal location and will result in a 404 error. Be aware that it's an internal location. The client browser is not redirected in any way. It just gets a 404 return code for his request.

Here, the 404 error is just an example. When you redirect to an internal location you can do whatever you want.

So instead of returning 403 error code, of using an autoindex or of trying to hide your problem with a fake page, you can do exactly what you expect :)


This will return 403 directory forbidden, without an error, for http://example.com/ only:

location = / {    return 403;}

So, in your case:

location = /images/upload/ {    return 403;}

This will return 403 directory forbidden, without an error, for the /images/upload/ directory only.