What's the reason for returnning 403

hzb · February 4, 2024, 7:25am

1. The problem I’m having:

My website returns 403 error

2. Error messages and/or full log output:

Return 403

3. Caddy version:

v2.7.6 h1:w0NymbG2m9PcvKWsrXO6EEkY9Ru4FJK8uQbYcev1p3A=

4. How I installed and ran Caddy:

a. System environment:

Debian 12.4, 6.1.0-15-cloud-amd64

b. Command:

sudo apt install -y debian-keyring debian-archive-keyring apt-transport-https
curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/gpg.key' | sudo tee /etc/apt/trusted.gpg.d/caddy-stable.asc
curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/debian.deb.txt' | sudo tee /etc/apt/sources.list.d/caddy-stable.list
sudo apt update -y
sudo apt install caddy -y

c. Service/unit/compose file:

systemctl start caddy

d. My complete Caddy config:

foo.com {
 tls domain@foo.com
 root * /home/proname/website
 file_server
}

5. Links to relevant resources:

I uploaded a folder with index.html file via scp -r website proname@ip:~/, and visit the website via foo.com, it returns 403, and I checked ls -lh

drwxr-xr-x 3 proname proname 4.0K Feb  4 06:48 website

I moved this folder website to /usr/share/caddy and checked ls -lh

drwxr-xr-x 3 proname proname 4.0K Feb  4 06:53 website

And this time, it works after I change root * /home/proname/website to root * /usr/share/caddy/website in the Caddyfile.

Any help? Thanks.

francislavoie · February 4, 2024, 8:03am

When running as a systemd service, Caddy runs as the caddy user. That user doesn’t have permission to access anything in /home because the x permission is needed for that user on every directory that is parent of the target, and /home does not have x for world.

Move your files elsewhere, like /srv or /var/www to allow Caddy to access them.

hzb · February 4, 2024, 10:28am

I see, thank you so much!!!

system · March 5, 2024, 10:29am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.