404 Not Found while accessing the file

Kaushal Shriyan kaushalshriyan at gmail.com
Mon Aug 2 15:42:59 UTC 2021


Hi,

I am running nginx version: nginx/1.20.1 on CentOS Linux release 7.9.2009
(Core). When I am accessing
https://dsmadeveloperportal.mydomain.com/sites/default/files/2020-08/dsmaAccount%20and%20Transaction%20API%20Specification_2_1.yml,
I am encountering  404 Not Found while accessing it. On the server, the
file is there

#ls -l
"/var/www/html/dacdeveloperportal/web/sites/default/files/2020-08/dsmaAccount
and Transaction API Specification_2_1.yml"
-rwxrwxrwx 1 nginx nginx 418867 Aug  2 05:21
/var/www/html/dacdeveloperportal/web/sites/default/files/2020-08/dsmaAccount
and Transaction API Specification_2_1.yml

[root at dsmadeveloperportal web]#pwd
/var/www/html/dsmadeveloperportal/web
[root at dsmadeveloperportal web]# ls -l
total 44
-rw-rw-r--  1 nginx nginx  385 Jul 12 14:21 autoload.php
drwxr-xr-x 12 nginx nginx 4096 Jul 28 11:52 core
-rw-r--r--  1 nginx nginx 1507 Jul 28 11:53 example.gitignore
-rw-rw-r--  1 nginx nginx  549 Jul 12 14:21 index.php
-rw-r--r--  1 nginx nginx   95 Jul 28 11:53 INSTALL.txt
drwxrwxr-x  6 nginx nginx   77 Jul 28 11:53 libraries
drwxrwxr-x  4 nginx nginx   69 Jul 28 11:53 modules
drwxrwxr-x  2 nginx nginx   40 Jul 28 11:53 profiles
-rw-r--r--  1 nginx nginx 5924 Jul 28 11:53 README.txt
-rw-rw-r--  1 nginx nginx 1594 Jul 12 14:21 robots.txt
drwxrwxr-x  3 nginx nginx  130 Jul 28 11:53 sites
drwxrwxr-x  4 nginx nginx   69 Jul 28 11:53 themes
-rw-rw-r--  1 nginx nginx  848 Jul 12 14:21 update.php
-rw-rw-r--  1 nginx nginx 4566 Jul 12 14:21 web.config
[root at dacdeveloperportal web]#

*nginx config*
> #cat /etc/nginx/conf.d/dsmadeveloperportal.conf
> server {
>       listen       80 default_server;
>       server_name  dsmadeveloperportal.mydomain.com;
>       return 301 https://$server_name$request_uri;



}

server {
        listen 443 ssl;
        server_name dsmadeveloperportal.mydomain.com;
        ssl_protocols          TLSv1.3 TLSv1.2;
        ssl_stapling on;
        ssl_stapling_verify on;
        ssl_certificate /etc/ssl/certs/
dsmadeveloperportal.mydomain.com/fullchain1.pem;
        ssl_certificate_key /etc/ssl/certs/
dsmadeveloperportal.mydomain.com/privkey1.pem;
        ssl_ciphers
ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
root /var/www/html/dsmadeveloperportal/web;
        ssl_prefer_server_ciphers on;
        ssl_dhparam /etc/ssl/certs/
dsmadeveloperportal.mydomain.com/dhparam.pem;
        add_header Strict-Transport-Security: max-age=63072000;
        proxy_busy_buffers_size   512k;
        proxy_buffers   4 512k;
        proxy_buffer_size   256k;
        index index.php index.html index.htm;


location = /favicon.ico {
        log_not_found off;
        access_log off;
    }

    location = /robots.txt {
        allow all;
        log_not_found off;
        access_log off;
    }

    location ~ \..*/.*\.php$ {
        return 403;
    }

    #location ~ ^/sites/.*/private/ {
    #    return 403;
    #}

    # Block access to scripts in site files directory
    location ~ ^/sites/[^/]+/files/.*\.php$ {
        deny all;
    }

    # Allow "Well-Known URIs" as per RFC 5785
    location ~* ^/.well-known/ {
        allow all;
    }

    # Block access to "hidden" files and directories whose names begin with
a
    # period. This includes directories used by version control systems such
    # as Subversion or Git to store control files.
    location ~ (^|/)\. {
        return 403;
    }


    location / {
        # try_files $uri @rewrite; # For Drupal <= 6
      try_files $uri /index.php?$query_string; # For Drupal >= 7
    }

    location @rewrite {
       rewrite ^/(.*)$ /index.php?q=$1;
    }

    # Don't allow direct access to PHP files in the vendor directory.
    location ~ /vendor/.*\.php$ {
        deny all;
        return 404;
    }

    # Protect files and directories from prying eyes.
    location ~*
\.(engine|inc|install|make|module|profile|po|sh|.*sql|theme|twig|tpl(\.php)?|xtmpl|yml)(~|\.sw[op]|\.bak|\.orig|\.save)?$|^(\.(?!well-known).*|Entries.*|Repository|Root|Tag|Template|composer\.(json|lock)|web\.config)$|^#.*#$|\.php(~|\.sw[op]|\.bak|\.orig|\.save)$
{
        deny all;
        return 404;
    }

        location ~ \.php$ {
        include fastcgi.conf;
        fastcgi_pass 127.0.0.1:9000;
        fastcgi_read_timeout 300s;
        fastcgi_buffers 16 16k;
        fastcgi_buffer_size 32k;
        }

       location ^~ /core/install.php {
        deny all;
    }
}

Please suggest. Thanks in advance and I look forward to hearing from you.

Best Regards,

Kaushal
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20210802/709fbee7/attachment-0001.htm>


More information about the nginx mailing list