Quick and easy way to getting burned by nginx

Oct 05 2011 Tags: Linux, Nginx, Server

HTTP 403: Forbidden

Originally I wanted to write about something else today, but this is so brilliantly simple I just have to push back the original post for a few days.

A couple of hours ago I was talking about my past and current projects with someone and they mentioned that Hipstervision was down. Returning a nasty 403 error.

What the hell?

I know I’ve left that site fall by the wayside lately as I was focusing on other things, but it should nevertheless at least respond with something when you try visiting it.

Nginx was running. Node.js processes were running as well. And yet, the 403 error persisted.

Restarted everything. Went through all the relevant configurations and still .. nothing. Everything checks out. It makes absolutely no sense for the damn site to be returning a 403.

So I try some other sites running on the same server. All but one return a 403.

Whaaat? O.o

And then I tried a particular document from the working site, on a different domain. It worked. Served the document flawlessly.

But … dear Nginx, I’m using server_name things, you were supposed to treat each domain as a somewhat different server and respond accordingly. I mean, come on, this is technology from the late 1990′s when people realized it might be useful to have more than one website per server.

Turns out in all config files I had this:

server {
	listen 80;
        server_name hipstervision.org;

But on that particular site I had:

server {
	listen my-ip:80;
        server_name something.something;

Not sure why that was the case, but apparently Nginx pushes all requests to the most specific listen rule first and only worries about domains and server names later.

Good to know!