How to Solve a 403 Nginx File Download Permission Error

You’re closer than you think to a career in tech. Our grads have launched rewarding new careers — you can too.

View Our Jobs Report

The following is a guest post by Corinna Brock and originally appeared on her blog. Corinna is currently a student a The Flatiron School. You can follow her on twitter here.

Once the basic functionality of our website was implemented, one of the features that we wanted to implement was file upload and download. The basic upload functionality was surprisingly easy to implement using a gem called CarrierWave. The Github page has a pretty thorough walk-through, but if you’re looking to display the content on your website there is a Railscast on the file upload process. Both will walk you through the steps of setting it up, and it took us about 20 minutes.

File download was a bit more complex. While an individual user would only upload one file to be associated with an assignment, the person who assigned the assignment would probably want a way to download all of the submitted work at once. For this, we implemented a gem called RubyZip. If you’re writing a rails app, you don’t need to require ‘rubygems’, but you DO need to require ‘zip/zip’ in your application.rb file.

The RubyZip documentation is pretty dense, but thorough. With a few modifications, we passed it an array of files, specified the file names, and created a file tree structure so that when the user downloaded the files, they were organized by submitter and named appropriately.


Everything worked on our local host, but when we deployed to our server we got an Nginx 403 permissions error. Once we SSH’ed into the server, we saw that the file was being created, but while the owner of the file was allowed to read and write the file, no one else could do anything with it.

Much like you can run chmod in your bash window, Ruby also contains a chmod command. By adding one line to our code, we modified our permissions and allowed the user to download the file appropriately.


Returning to the server, you can see that the permissions were appropriately modified, and the user can now download the Zip file of all the files for an assignment. The built-in site functionality works as well.

This is a great explanation of file permissions in Unix. For purposes of simplicity, I’ve abstracted away the routing and controller functionality that calls the above method.

Headshot of Flatiron School

Flatiron School

Blog Post Author

Read More Flatiron School Articles

Since we opened our doors in 2012, thousands of students have joined Flatiron School to launch new careers in tech.

Explore our Courses

Find the perfect course for you across our in-person and online programs designed to power your career change.

Explore Our Courses
Join a Community

Connect with students and staff at meetups, lectures, and demos – on campus and online.

Join the Community
Schedule a Chat

Have a question about our programs? Our admissions team is here to help.

Schedule a Chat