How to solve status 403 in Caddy version 2

coolquestion · August 24, 2020, 2:16pm

1. Caddy version (`caddy version`):

2

2. How I run Caddy:

systemctl start caddy

a. System environment:

CentOS 8

b. Command:

systemctl start caddy

c. Service/unit/compose file:

[Unit]
Description=Caddy
Documentation=https://caddyserver.com/docs/
After=network.target

[Service]
User=caddy
Group=caddy
ExecStart=/usr/bin/caddy run --environ --config /etc/caddy/Caddyfile
ExecReload=/usr/bin/caddy reload --config /etc/caddy/Caddyfile
TimeoutStopSec=5s
LimitNOFILE=1048576
LimitNPROC=512
PrivateTmp=true
ProtectSystem=full
AmbientCapabilities=CAP_NET_BIND_SERVICE

[Install]
WantedBy=multi-user.target

d. My complete Caddyfile or JSON config:

www.example.com {
    log {
        output file /var/log/caddy/caddy.log
    }
    file_server * browse {
        root /var/www/html
    }
}

3. The problem I’m having:

Instead of responding with status 200 and the web page index.html,. Caddy responds with status 403, forbidden.

4. Error messages and/or full log output:

{"level":"error","ts":1598277948.5061944,"logger":"http.log.access.log0","msg":"handled request","request":{"method":"GET","uri":"/","proto":"HTTP/2.0","remote_addr":"1.2.3.4:58953","host":"www.example.com","headers":{"Accept-Encoding":["gzip, deflate, br"],"Upgrade-Insecure-Requests":["1"],"Cache-Control":["max-age=0"],"Te":["trailers"],"User-Agent":["Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0"],"Accept":["text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8"],"Accept-Language":["en-US,en;q=0.5"]},"tls":{"resumed":false,"version":772,"ciphersuite":4865,"proto":"h2","proto_mutual":true,"server_name":"www.example.com"}},"common_log":"1.2.3.4 - - [24/Aug/2020:14:05:48 +0000] \"GET / HTTP/2.0\" 403 0","duration":0.000274589,"size":0,"status":403,"resp_headers":{"Server":["Caddy"]}}

5. What I already tried:

file_server * browse

6. Links to relevant resources:

John_Siu · August 24, 2020, 3:00pm

Is /var/www/html readable by user caddy?

Maybe provide output of following command:

ls -lha /var/www/html

Depends on your setup, maybe adding user caddy to the group owner of that directory is the quickest fix.

usermod –aG <group> caddy

coolquestion · August 24, 2020, 4:18pm

I made the entire directory owned by caddy:

chown -R caddy:caddy /var/www

I also made /etc/caddy/Caddyfile as simple as possible:

www.example.com
root * /var/www/html
log {
    output file /var/log/caddy/caddy.log
}
file_server

With this Caddyfile, I am getting status 404, not found.

I get the idea it is not looking where I think it is looking.

John_Siu · August 24, 2020, 4:41pm

Is your caddyfile with upper case C as shown above?

francislavoie · August 24, 2020, 6:05pm

What are the contents of your /var/www/html directory? Do you have an index.html in there?

By default, Caddy’s file server will look for an index.html or an index.txt file in the root when you request the / path.

coolquestion · August 24, 2020, 8:54pm

The Caddyfile has an uppercase C in its name.

The /var/www/html contains index.html.

I have replaced Caddy with Nginx to avoid spending any more time on it.

system · September 23, 2020, 2:16pm

This topic was automatically closed after 30 days. New replies are no longer allowed.

SpareShade · October 2, 2022, 2:11pm

Moderators Note: This comment was moved into this thread long after the original comments above, since it was a suggested solution to what was discussed here.

This is just a reference to https://caddy.community/t/how-to-solve-status-403-in-caddy-version-2/9570. As the original poster never marked the correct solution, but instead left the conversation, I thought this may helpful, as…

I was having the same issue where 403 response was returned if caddy was run as a systemd service (systemctl start caddy). Whilst all was ok if it ran as root/sudo.

The correct solution was suggested by @ John_Siu

usermod –aG <group> caddy