404 Not Found while accessing the file

Kaushal Shriyan kaushalshriyan at gmail.com
Tue Aug 3 22:42:21 UTC 2021


On Tue, Aug 3, 2021 at 11:37 PM Maxim Dounin <mdounin at mdounin.ru> wrote:

> Hello!
>
> On Tue, Aug 03, 2021 at 09:13:06PM +0530, Kaushal Shriyan wrote:
>
> > On Mon, Aug 2, 2021 at 11:18 PM Maxim Dounin <mdounin at mdounin.ru> wrote:
> >
> > > On Mon, Aug 02, 2021 at 09:12:59PM +0530, Kaushal Shriyan wrote:
> > >
> > > > I am running nginx version: nginx/1.20.1 on CentOS Linux release
> 7.9.2009
> > > > (Core). When I am accessing
> > > >
> > >
> https://dsmadeveloperportal.mydomain.com/sites/default/files/2020-08/dsmaAccount%20and%20Transaction%20API%20Specification_2_1.yml
> > > ,
> > > > I am encountering  404 Not Found while accessing it. On the server,
> the
> > > > file is there
> > > >
> > > > #ls -l
> > > >
> > >
> "/var/www/html/dacdeveloperportal/web/sites/default/files/2020-08/dsmaAccount
> > > > and Transaction API Specification_2_1.yml"
> > > > -rwxrwxrwx 1 nginx nginx 418867 Aug  2 05:21
> > > >
> > >
> /var/www/html/dacdeveloperportal/web/sites/default/files/2020-08/dsmaAccount
> > > > and Transaction API Specification_2_1.yml
> > >
> > > [...]
> > >
> > > > root /var/www/html/dsmadeveloperportal/web;
> > >
> > > Note this does not match the file location, "dsma" vs "dac".
> > >
> > > Note well that additional useful information can be found in nginx
> > > error log.  Looking into error log usually greatly simplifies
> > > debugging problems like this.
>
> [...]
>
> > Thanks for the email. Apologies for sharing the incorrect file path,
> there
> > was a typo error in the file path. Please ignore it.
> > The correct file path is as below:-
>
> [...]
>
> > 2021/08/03 09:55:07 [debug] 3405#3405: *6 http uri:
> "/sites/default/files/2021-08/Account and Transaction API
> Specification_2_1.yml"
>
> [...]
>
> > 2021/08/03 09:55:07 [debug] 3405#3405: *6 test location: ~
> "\.(engine|inc|install|make|module|profile|po|sh|.*sql|theme|twig|tpl(\.php)?|xtmpl|yml)(~|\.sw[op]|\.bak|\.orig|\.save)?$|^(\.(?!well-known).*|Entries.*|Repository|Root|Tag|Template|composer\.(json|lock)|web\.config)$|^#.*#$|\.php(~|\.sw[op]|\.bak|\.orig|\.save)$"
> > 2021/08/03 09:55:07 [debug] 3405#3405: *6 using configuration
> "\.(engine|inc|install|make|module|profile|po|sh|.*sql|theme|twig|tpl(\.php)?|xtmpl|yml)(~|\.sw[op]|\.bak|\.orig|\.save)?$|^(\.(?!well-known).*|Entries.*|Repository|Root|Tag|Template|composer\.(json|lock)|web\.config)$|^#.*#$|\.php(~|\.sw[op]|\.bak|\.orig|\.save)$"
> > 2021/08/03 09:55:07 [debug] 3405#3405: *6 http cl:-1 max:1048576
> > 2021/08/03 09:55:07 [debug] 3405#3405: *6 rewrite phase: 3
> > 2021/08/03 09:55:07 [debug] 3405#3405: *6 http finalize request: 404,
> "/sites/default/files/2021-08/Account and Transaction API
> Specification_2_1.yml?" a:1, c:1
>
> As it is immediately clear from the debug log, the request is
> matched by the regexp location in your configuration which is
> expected to match all requests to ".yml" files and return the 404
> error.  Quoting the configuration:
>
> >     # Protect files and directories from prying eyes.
> >     location ~*
> \.(engine|inc|install|make|module|profile|po|sh|.*sql|theme|twig|tpl(\.php)?|xtmpl|yml)(~|\.sw[op]|\.bak|\.orig|\.save)?$|^(\.(?!well-known).*|Entries.*|Repository|Root|Tag|Template|composer\.(json|lock)|web\.config)$|^#.*#$|\.php(~|\.sw[op]|\.bak|\.orig|\.save)$
> {
> >         deny all;
> >         return 404;
> >     }
>
> The most simple solution would be to remove this location - given
> the complexity, it is expected to be a constant source of issues
> like this.
>
> Alternatively, you can modify the location to allow all ".yml"
> files or this particular file.  This is not something I can
> recommend though.
>

Thanks Maxim and it worked like a charm. Is there a way to set the default
permission to 700 whenever the user uploads the file in the nginx docroot?
Is there an Nginx config that can set the file permission to 700 once the
user uploads?

Please comment. Thanks in advance.

Best Regards,

Kaushal
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20210804/1e003e8a/attachment-0001.htm>


More information about the nginx mailing list