2

I've set up a new Laravel 5.7 site on a VPS. I had previously run the site locally using valet with no issues. However, now when I navigate to my dashboard route using https://mysite.mydomain.net/dashboard, I'm getting a 403 error returned by nginx (there's no laravel errors, so I'm assuming it never gets to laravel at all).

Other paths that hit other routes with a similar structure don't seem to be affected.

I've tried running php artisan route:clear to make sure it's not hitting an older cached routing.

The route is simple:

Route::get('/dashboard', function () {
    return "yo";
})->name('dashboard'); // returns 403

Almost exactly the same route returns the expected result with no issue:

Route::get('/test', function() {
    return "test";
})->name('test'); // returns "test"

Here's the nginx config:

server {

         # Log files for Debugging
         access_log /var/log/nginx/laravel-access.log;
         error_log /var/log/nginx/laravel-error.log;

         # Webroot Directory for Laravel project
         root /var/www/mysite/public;
         index index.php index.html index.htm;

         # Your Domain Name
         server_name mysite.mydomain.net;

         location / {
                 try_files $uri $uri/ /index.php?$query_string;
         }

         # PHP-FPM Configuration Nginx
         location ~ \.php$ {
                 try_files $uri =404;
                 fastcgi_split_path_info ^(.+\.php)(/.+)$;
                 fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
                 fastcgi_index index.php;
                 fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                 include fastcgi_params;
         }

    listen [::]:443 ssl ipv6only=on; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/mysite.mydomain.net/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/mysite.mydomain.net/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}
server {
    if ($host = mysite.mydomain.net) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


         listen 80;
         listen [::]:80 ipv6only=on;
         server_name mysite.mydomain.net;
    return 404; # managed by Certbot


}

Does laravel authentication throw an nginx 403 error? I would expect it to at least show a laravel error message-- and besides, there's no middleware on this route. What could be going on?

The nginx error log shows: 

2018/10/30 20:46:48 [error] 19626#19626: *2201 directory index of "/var/www/mysite/public/dashboard/" is forbidden, client: 98.146.255.247, server: mysite.mydomain.net, request: "GET /dashboard/ HTTP/1.1", host: "rem$
Improve this question
4
  • sound like your problem is that you do have a folder named dashboard in your site root. try_files $uri $uri/ /index.php?$query_string; doesn't get to call the php and nginx tries to serve content in $uri/ Commented Oct 31, 2018 at 4:15
  • 1
    You could get rid of the $uri/ in this line try_files $uri /index.php?$query_string; But it's a much better idea not to have your app a site root to avoid those confusions Commented Oct 31, 2018 at 4:18
  • @AntonyGibbs true, I have a public/dashboard that holds my mixed down css / js etc. assets. Commented Oct 31, 2018 at 4:23
  • @AntonyGibbs -- that worked, removing the $uri/ fixed the issue. Please make that your answer and I'll accept it. Thanks! Commented Oct 31, 2018 at 4:31

2 Answers 2

Reset to default
4

sound like you have a folder named dashboard in your site root.

try_files $uri $uri/ /index.php?$query_string;

doesn't get to call the php as nginx tries to serve content in $uri/

As a quick fix you could get rid of the $uri/ in this line

try_files $uri /index.php?$query_string;

But it's a much better idea not to have your app a site root to avoid those confusions. You could put css, etc... in a folder /assets and change the line to

try_files $uri $uri/ assets/$uri /index.php?$query_string;

or something like that

location /assets {
    try_files $uri $uri/ =404;
}

location / {
    try_files /index.php?$query_string =503;
}

don't forget (before any other location as order matters)

# protect hidden files/folders ex: .git
location ~ /\. {
    deny all;
}
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

Try php artisan cache:clear.

I actually experienced the same thing. Wierdly enough, I somehow 'massaged' the error out, by writing dd( 'Blah' ); at the top of my web.php (routes file). After I had done that, I moved the dd-line a couple of lines down (loading the problematic URL every time I moved it). In the end, then the dd( 'Blah' ) was in the bottom of the file, - and all my routes were working (so it must have been some caching of some sort). I had also tried to clear the cache previous to doing this. ... I have no idea why it worked. But it did. I had the error for 45 minutes, before I did this.

If that doesn't help, then perhaps check the content of /var/log/nginx/laravel-error.log; (as you write in the Nginx-configuration).

If that doesn't help, then try changing the route from /dashboard to /newdashboard temporarily, to see if the error follows along. ... Or you can try and copy the /test-route and rename it, to see if that would work. ... Or you can change the order of your routes.

I also had another problem like this, that appeared to be a middleware-problem, - but that was pretty long ago. I'm just mentioning it, so you have a couple of places to check.

But I can't see anything wrong with what you've written. So I'd put my money on the order of the routes, - or something else running on the server, occupying that URL.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.