nginx安装和前端访问配置以及403 Forbidden解决方案_Mysql

nginx安装

安装命令（centos环境）：

sudo yum install epel-release（本次安装nginx未执行该条命令）
sudo yum install nginx

配置文件位置：

/etc/nginx/nginx.conf

启动：

 sudo systemctl start nginx

配置开机启动：

 sudo systemctl enable nginx

重启：

/usr/sbin/nginx  -s reload
 sudo systemctl daemon-reload

前端nginx访问配置

8001系统+10002系统+10003系统+10005系统

       server {
           listen 10003;
           server_name web.zc.com;
           index index.php index.html index.htm default.php default.htm default.html;
           root /mnt/web/zc-web/dist;
           try_files $uri $uri/ /index.html; # 将所有请求导 index.html

           #proxy-start/
           location ~ ^/prod-api(.*)$ {
               rewrite ^/prod-api(.*)$ $1 break;
               proxy_pass http://127.0.0.1:8080;
               proxy_set_header host $host;
               proxy_set_header x-real-ip $remote_addr;
               proxy_set_header x-forwarded-for $proxy_add_x_forwarded_for;
               proxy_set_header remote-host $remote_addr;
               proxy_set_header upgrade $http_upgrade;
               # proxy_set_header connection $connection_upgrade;
               proxy_http_version 1.1;
               # proxy_hide_header upgrade;

               add_header x-cache $upstream_cache_status;

               #set nginx cache


               set $static_filedayaoisb 0;
               if ( $uri ~* "\.(gif|png|jpg|css|js|woff|woff2)$" )
               {
                set $static_filedayaoisb 1;
                expires 1m;
                   }
               if ( $static_filedayaoisb = 0 )
               {
               add_header cache-control no-cache;
               }
           }

           #proxy-end/
       }

       server {
           listen 10005;
           server_name client.zc.com;
           index index.php index.html index.htm default.php default.htm default.html;
           root /mnt/web/zc-client/dist;
           try_files $uri $uri/ /index.html; # 将所有请求导 index.html

           #proxy-start/
           location ~ ^/dev-api(.*)$ {
               rewrite ^/dev-api(.*)$ $1 break;
               proxy_pass http://127.0.0.1:8080;
           }
           location ~ ^/prod-api(.*)$ {
               rewrite ^/prod-api(.*)$ $1 break;
               proxy_pass http://127.0.0.1:8080;
               proxy_set_header host $host;
               proxy_set_header x-real-ip $remote_addr;
               proxy_set_header x-forwarded-for $proxy_add_x_forwarded_for;
               proxy_set_header remote-host $remote_addr;
               proxy_set_header upgrade $http_upgrade;
               # proxy_set_header connection $connection_upgrade;
               proxy_http_version 1.1;
               # proxy_hide_header upgrade;

               add_header x-cache $upstream_cache_status;

               #set nginx cache


               set $static_filedayaoisb 0;
               if ( $uri ~* "\.(gif|png|jpg|css|js|woff|woff2)$" )
               {
                set $static_filedayaoisb 1;
                expires 1m;
                   }
               if ( $static_filedayaoisb = 0 )
               {
               add_header cache-control no-cache;
               }
           }

           #proxy-end/
       }
       
       server {
           listen 10002;
           server_name jetlinks.zc.com;
           index index.php index.html index.htm default.php default.htm default.html;
           root /mnt/web/jetlinks/dist;
           try_files $uri $uri/ /index.html; # 将所有请求导 index.html

           #proxy-start/
           location ~ ^/api(.*)$ {
               rewrite ^/api(.*)$ $1 break;
               proxy_pass http://127.0.0.1:9999;
               proxy_set_header host $host;
               proxy_set_header x-real-ip $remote_addr;
               proxy_set_header x-forwarded-for $proxy_add_x_forwarded_for;
               proxy_set_header remote-host $remote_addr;
               proxy_set_header upgrade $http_upgrade;
               proxy_set_header connection "upgrade"; # 【可选】开启websocket协议
               proxy_http_version 1.1;
               # proxy_hide_header upgrade;

               add_header x-cache $upstream_cache_status;

               #set nginx cache


               set $static_filedayaoisb 0;
               if ( $uri ~* "\.(gif|png|jpg|css|js|woff|woff2)$" )
               {
                set $static_filedayaoisb 1;
                expires 1m;
                   }
               if ( $static_filedayaoisb = 0 )
               {
               add_header cache-control no-cache;
               }
           }

           #proxy-end/
       }

       server {
           listen 8001;
           server_name icp.zc.com;
           index index.php index.html index.htm default.php default.htm default.html;
           root /mnt/web/icp/dist;
           try_files $uri $uri/ /index.html; # 将所有请求导 index.html

           #proxy-start/
           location ~ ^/icp-api(.*)$ {
               rewrite ^/icp-api(.*)$ $1 break;
               proxy_pass http://127.0.0.1:8080;
               proxy_set_header host $host;
               proxy_set_header x-real-ip $remote_addr;
               proxy_set_header x-forwarded-for $proxy_add_x_forwarded_for;
               proxy_set_header remote-host $remote_addr;
               proxy_set_header upgrade $http_upgrade;
               # proxy_set_header connection $connection_upgrade;
               proxy_http_version 1.1;
               # proxy_hide_header upgrade;

               add_header x-cache $upstream_cache_status;

               #set nginx cache


               set $static_filedayaoisb 0;
               if ( $uri ~* "\.(gif|png|jpg|css|js|woff|woff2)$" )
               {
                set $static_filedayaoisb 1;
                expires 1m;
                   }
               if ( $static_filedayaoisb = 0 )
               {
               add_header cache-control no-cache;
               }
           }

           #proxy-end/
       }

nginx访问 403 forbidden

[root@yutu-node3 ~]# curl  http://localhost:8001
<html>
<head><title>403 forbidden</title></head>
<body>
<center><h1>403 forbidden</h1></center>
<hr><center>nginx/1.20.1</center>
</body>
</html>

（1）检查文件或目录的权限，确保 nginx 用户（通常是 www-data、nginx 或 nobody）有读取权限

ll /path/to/your/file

chmod -r 755 /path/to/your/file   # 确保目录文件可读
chown -r nginx:nginx /path/to/your/directory  # 确保 nginx 用户有权限

（2）如果服务器启用了 selinux 或 apparmor，可能会限制 nginx 访问某些文件或目录。

chcon -r -t httpd_sys_content_t /path/to/your/directory

（3）清除 nginx 缓存并重新加载配置

nginx -s reload

【终极大法】临时关闭 selinux，建议避免使用：

setenforce 0

总结

以上为个人经验，希望能给大家一个参考，也希望大家多多支持代码网。

nginx安装和前端访问配置以及403 Forbidden解决方案

2025年07月20日 • Mysql •我要评论

nginx安装

前端nginx访问配置

nginx访问 403 forbidden

总结

相关文章:

K8s使用kubectl访问api-server失败,node“XXX“ not found的解决方案

MySQL查询优化与事务实战教程

发表评论


验证码：