ddev: [SOLVED] ngnix 403 Forbidden / directory index of "/var/www/html/" is forbidden (firewall issues)

Describe the bug After starting DDEV the ngnix return a 403.

To Reproduce It worked a day ago. It just stopped working. I thought about it and the only thing I can tell is, the only thing what changed obvious, is my WIFI connection/office. I not 100% sure, but it could be, that I forgot to ddev stop before closing my IDE and shutdown the computer.

Expected behavior It should show me the frontend of the TYPO3 which I tested a day ago.

Logs Output from ddev start

Starting environment for typo3-8-7...
Pulling db (drud/mariadb-local:v0.20.0)...
Pulling web (drud/nginx-php-fpm-local:v0.20.0)...
Pulling dba (drud/phpmyadmin:v0.20.0)...
Creating ddev-typo3-8-7-db ... done
Creating ddev-typo3-8-7-dba ... done
Creating ddev-typo3-8-7-web ... done

Network ddev_default is external, skipping
Unable to properly check port status: dial tcp 127.0.0.1:80: connectex: An attempt was made to access a socket in a way forbidden by its access permissions.
Unable to properly check port status: dial tcp 127.0.0.1:443: connectex: An attempt was made to access a socket in a way forbidden by its access permissions.
Pulling ddev-router (drud/ddev-router:v0.20.0)...
Creating ddev-router ... done

Successfully started typo3-8-7
Your project can be reached at http://typo3-8-7.ddev.local, https://typo3-8-7.ddev.local, http://127.0.0.1:32792

The “Unable to properly check port status” is normal in my case and were the same in the last days.

Output from ddev logs

+ set -o errexit nounset pipefail
+ DDEV_PHP_VERSION=7.1
+ '[' -n '' ']'
+ '[' -f /mnt/ddev_config/nginx-site.conf ']'
+ '[' -n 7.1 ']'
+ update-alternatives --set php /usr/bin/php7.1
+ ln -sf /usr/sbin/php-fpm7.1 /usr/sbin/php-fpm
+ export PHP_INI=/etc/php/7.1/fpm/php.ini
+ PHP_INI=/etc/php/7.1/fpm/php.ini
+ '[' -d /mnt/ddev_config/php ']'
+ '[' typo3 = backdrop ']'
+ rm -f /etc/nginx/nginx-site.conf
+ '[' -f /etc/nginx/nginx-site-typo3.conf ']'
+ ln -s /etc/nginx/nginx-site-typo3.conf /etc/nginx/nginx-site.conf
+ envsubst '$NGINX_DOCROOT'
+ '[' false '!=' true ']'
+ disable_xdebug
php-fpm: no process found
Disabled xdebug
+ echo 'Server started'
+ exec /usr/bin/supervisord -n -c /etc/supervisord.conf
Server started
2018-07-07 13:05:48,299 CRIT Set uid to user 0
2018-07-07 13:05:48,316 INFO RPC interface 'supervisor' initialized
2018-07-07 13:05:48,316 CRIT Server 'unix_http_server' running without any HTTP authentication checking
2018-07-07 13:05:48,317 INFO supervisord started with pid 1
2018-07-07 13:05:49,318 INFO spawned: 'php-fpm' with pid 348
2018-07-07 13:05:49,325 INFO spawned: 'nginx' with pid 349
2018-07-07 13:05:49,330 INFO spawned: 'tail' with pid 350
2018-07-07 13:05:49,332 INFO spawned: 'mailhog' with pid 351
==> /var/log/nginx/error.log <==

==> /var/log/php-fpm.log <==
[07-Jul-2018 13:05:49] NOTICE: fpm is running, pid 348
[07-Jul-2018 13:05:49] NOTICE: ready to handle connections
[07-Jul-2018 13:05:49] NOTICE: systemd monitor interval set to 10000ms
2018-07-07 13:05:50,360 INFO success: php-fpm entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2018-07-07 13:05:50,361 INFO success: nginx entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2018-07-07 13:05:50,361 INFO success: tail entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
2018-07-07 13:05:50,361 INFO success: mailhog entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)

==> /var/log/nginx/error.log <==
2018/07/07 13:07:28 [error] 355#355: *87 directory index of "/var/www/html/" is forbidden, client: 172.18.0.5, server: _, request: "GET / HTTP/1.1", host: "typo3-8-7.ddev.local", referrer: "http://typo3-8-7.ddev.l
ocal/"

Version and configuration information (please complete the following information):

  • Windows 10 1803
  • Docker version
Client:
 Version:      18.03.1-ce
 API version:  1.37
 Go version:   go1.9.5
 Git commit:   9ee9f40
 Built:        Thu Apr 26 07:12:48 2018
 OS/Arch:      windows/amd64
 Experimental: false
 Orchestrator: swarm

Server:
 Engine:
  Version:      18.03.1-ce
  API version:  1.37 (minimum version 1.12)
  Go version:   go1.9.5
  Git commit:   9ee9f40
  Built:        Thu Apr 26 07:22:38 2018
  OS/Arch:      linux/amd64
  Experimental: false
  • ddev version
cli     v0.20.0
web     drud/nginx-php-fpm-local:v0.20.0
db      drud/mariadb-local:v0.20.0
dba     drud/phpmyadmin:v0.20.0
router  drud/ddev-router:v0.20.0
commit  v0.20.0
domain  ddev.local
  • config.yaml content
name: typo3-8-7
type: typo3
docroot: ""
php_version: "7.1"
router_http_port: "80"
router_https_port: "443"
xdebug_enabled: false
additional_hostnames: []
provider: default
  • TYPO3_8_7 branch from git://git.typo3.org/Packages/TYPO3.CMS.git
  • same problem ist current master branch

Additional context I used ddev ssh to look into the container. The odd thing is, the DocRoot /var/www/html/ seems empty (besides .ddev-folder). Like if nothing get linked into the container.

root@4c2ed1860005:/var/www/html# ls -alt
total 4
drwxr-xr-x 3 root root   60 Jul  7 12:35 .ddev
drwxr-xr-x 3 root root   60 Jul  7 12:35 .
drwxrwxrwx 1 root root 4096 May 21 21:58 ..

About this issue

  • Original URL
  • State: closed
  • Created 6 years ago
  • Comments: 15 (8 by maintainers)

Most upvoted comments

I’d like to share, that the other opinion seems to work as well:

So I guess […] and creating a new rule ‘Docker SMB Mount’ with action ‘By Application Rules’ should also work.

This is my current additional firewall network package rule: 2018-07-09 21_48_49-typo3 cms login_ typo3 8 7 ddev - firefox developer edition

I leave the port 445 in the original ruleset and just create an additional one.

+1
vaxul on Jul 9, 2018
Read more comments on GitHub
← ddev: readthedocs: Broken layout on 404 page
ddev: Stop cron so it doesn't change database while doing a database pull →