404 Not Found while accessing the file

Maxim Dounin mdounin at mdounin.ru
Tue Aug 3 18:07:01 UTC 2021 

Hello!

On Tue, Aug 03, 2021 at 09:13:06PM +0530, Kaushal Shriyan wrote:

> On Mon, Aug 2, 2021 at 11:18 PM Maxim Dounin <mdounin at mdounin.ru> wrote:
> 
> > On Mon, Aug 02, 2021 at 09:12:59PM +0530, Kaushal Shriyan wrote:
> >
> > > I am running nginx version: nginx/1.20.1 on CentOS Linux release 7.9.2009
> > > (Core). When I am accessing
> > >
> > https://dsmadeveloperportal.mydomain.com/sites/default/files/2020-08/dsmaAccount%20and%20Transaction%20API%20Specification_2_1.yml
> > ,
> > > I am encountering  404 Not Found while accessing it. On the server, the
> > > file is there
> > >
> > > #ls -l
> > >
> > "/var/www/html/dacdeveloperportal/web/sites/default/files/2020-08/dsmaAccount
> > > and Transaction API Specification_2_1.yml"
> > > -rwxrwxrwx 1 nginx nginx 418867 Aug  2 05:21
> > >
> > /var/www/html/dacdeveloperportal/web/sites/default/files/2020-08/dsmaAccount
> > > and Transaction API Specification_2_1.yml
> >
> > [...]
> >
> > > root /var/www/html/dsmadeveloperportal/web;
> >
> > Note this does not match the file location, "dsma" vs "dac".
> >
> > Note well that additional useful information can be found in nginx
> > error log.  Looking into error log usually greatly simplifies
> > debugging problems like this.

[...]

> Thanks for the email. Apologies for sharing the incorrect file path, there
> was a typo error in the file path. Please ignore it.
> The correct file path is as below:-

[...]

> 2021/08/03 09:55:07 [debug] 3405#3405: *6 http uri: "/sites/default/files/2021-08/Account and Transaction API Specification_2_1.yml"

[...]

> 2021/08/03 09:55:07 [debug] 3405#3405: *6 test location: ~ "\.(engine|inc|install|make|module|profile|po|sh|.*sql|theme|twig|tpl(\.php)?|xtmpl|yml)(~|\.sw[op]|\.bak|\.orig|\.save)?$|^(\.(?!well-known).*|Entries.*|Repository|Root|Tag|Template|composer\.(json|lock)|web\.config)$|^#.*#$|\.php(~|\.sw[op]|\.bak|\.orig|\.save)$"
> 2021/08/03 09:55:07 [debug] 3405#3405: *6 using configuration "\.(engine|inc|install|make|module|profile|po|sh|.*sql|theme|twig|tpl(\.php)?|xtmpl|yml)(~|\.sw[op]|\.bak|\.orig|\.save)?$|^(\.(?!well-known).*|Entries.*|Repository|Root|Tag|Template|composer\.(json|lock)|web\.config)$|^#.*#$|\.php(~|\.sw[op]|\.bak|\.orig|\.save)$"
> 2021/08/03 09:55:07 [debug] 3405#3405: *6 http cl:-1 max:1048576
> 2021/08/03 09:55:07 [debug] 3405#3405: *6 rewrite phase: 3
> 2021/08/03 09:55:07 [debug] 3405#3405: *6 http finalize request: 404, "/sites/default/files/2021-08/Account and Transaction API Specification_2_1.yml?" a:1, c:1

As it is immediately clear from the debug log, the request is 
matched by the regexp location in your configuration which is 
expected to match all requests to ".yml" files and return the 404 
error.  Quoting the configuration:

>     # Protect files and directories from prying eyes.
>     location ~* \.(engine|inc|install|make|module|profile|po|sh|.*sql|theme|twig|tpl(\.php)?|xtmpl|yml)(~|\.sw[op]|\.bak|\.orig|\.save)?$|^(\.(?!well-known).*|Entries.*|Repository|Root|Tag|Template|composer\.(json|lock)|web\.config)$|^#.*#$|\.php(~|\.sw[op]|\.bak|\.orig|\.save)$ {
>         deny all;
>         return 404;
>     }

The most simple solution would be to remove this location - given 
the complexity, it is expected to be a constant source of issues 
like this.

Alternatively, you can modify the location to allow all ".yml" 
files or this particular file.  This is not something I can 
recommend though.

-- 
Maxim Dounin
http://mdounin.ru/

More information about the nginx mailing list