is it a SELinux problem?

Issues related to configuring your network
Post Reply
hack3rcon
Posts: 710
Joined: 2014/11/24 11:04:37

is it a SELinux problem?

Post by hack3rcon » 2020/08/25 11:44:47

Hello,
I want to use WordPress and configured LAMP for it but Apache stopped suddenly and can't working. The Apache service is running but the WordPress can't show. I configured the SELinux for WordPress too:

Code: Select all

# ls -lZ
total 268
-rw-r--r--. 1 root   root   system_u:object_r:usr_t:s0                      266455 Oct  5  2012 apache_pb.svg.bak
drwxr-xr-x. 2 root   root   system_u:object_r:httpd_sys_script_exec_t:s0         6 Jun  9 00:46 cgi-bin
drwxr-xr-x. 2 root   root   system_u:object_r:httpd_sys_rw_content_t:s0          6 Jun  9 00:46 html
drwxrwxr-x. 7 apache apache unconfined_u:object_r:httpd_sys_rw_content_t:s0   4096 Aug 25 14:37 wordpress
Log tell me:

Code: Select all

$ tail /var/log/messages
Aug 25 16:05:27 localhost kernel: FINAL_REJECT: IN=ens192 OUT= MAC=01:00:5e:00:00:fc:6c:f0:49:e4:df:71:08:00 SRC=192.168.1.2 DST=224.0.0.252 LEN=58 TOS=0x00 PREC=0x00 TTL=1 ID=23632 PROTO=UDP SPT=65358 DPT=5355 LEN=38 
Aug 25 16:05:27 localhost kernel: FINAL_REJECT: IN=ens192 OUT= MAC=ff:ff:ff:ff:ff:ff:6c:f0:49:e4:df:71:08:00 SRC=192.168.1.2 DST=172.20.255.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=23805 PROTO=UDP SPT=137 DPT=137 LEN=58 
Aug 25 16:05:27 localhost kernel: FINAL_REJECT: IN=ens192 OUT= MAC=ff:ff:ff:ff:ff:ff:00:50:56:ba:c2:10:08:00 SRC=192.168.1.2 DST=172.20.255.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=17576 PROTO=UDP SPT=137 DPT=137 LEN=58 
Aug 25 16:05:27 localhost kernel: FINAL_REJECT: IN=ens192 OUT= MAC=01:00:5e:00:00:fc:00:50:56:ba:c2:10:08:00 SRC=192.168.1.2 DST=224.0.0.252 LEN=56 TOS=0x00 PREC=0x00 TTL=1 ID=27979 PROTO=UDP SPT=63876 DPT=5355 LEN=36 
Aug 25 16:05:27 localhost kernel: FINAL_REJECT: IN=ens192 OUT= MAC=01:00:5e:00:00:fc:00:50:56:ba:c2:10:08:00 SRC=192.168.1.2 DST=224.0.0.252 LEN=56 TOS=0x00 PREC=0x00 TTL=1 ID=27980 PROTO=UDP SPT=50422 DPT=5355 LEN=36 
Aug 25 16:05:28 localhost kernel: FINAL_REJECT: IN=ens192 OUT= MAC=01:00:5e:00:00:fc:00:50:56:ba:6e:f9:08:00 SRC=192.168.1.2 DST=224.0.0.252 LEN=53 TOS=0x00 PREC=0x00 TTL=1 ID=24426 PROTO=UDP SPT=50457 DPT=5355 LEN=33 
Aug 25 16:05:28 localhost kernel: FINAL_REJECT: IN=ens192 OUT= MAC=01:00:5e:00:00:fc:00:50:56:ba:6e:f9:08:00 SRC=192.168.1.2 DST=224.0.0.252 LEN=54 TOS=0x00 PREC=0x00 TTL=1 ID=24427 PROTO=UDP SPT=59893 DPT=5355 LEN=34 
Aug 25 16:05:28 localhost kernel: FINAL_REJECT: IN=ens192 OUT= MAC=01:00:5e:00:00:fc:00:50:56:ba:6e:f9:08:00 SRC=192.168.1.2 DST=224.0.0.252 LEN=54 TOS=0x00 PREC=0x00 TTL=1 ID=24428 PROTO=UDP SPT=51318 DPT=5355 LEN=34 
Aug 25 16:05:28 localhost kernel: FINAL_REJECT: IN=ens192 OUT= MAC=01:00:5e:00:00:fc:00:50:56:ba:6e:f9:08:00 SRC=192.168.1.2 DST=224.0.0.252 LEN=56 TOS=0x00 PREC=0x00 TTL=1 ID=24429 PROTO=UDP SPT=61221 DPT=5355 LEN=36 
Aug 25 16:05:28 localhost kernel: FINAL_REJECT: IN=ens192 OUT= MAC=01:00:5e:00:00:fc:00:50:56:ba:6e:f9:08:00 SRC=192.168.1.2 DST=224.0.0.252 LEN=56 TOS=0x00 PREC=0x00 TTL=1 ID=24430 PROTO=UDP SPT=62196 DPT=5355 LEN=36 
I disabled the Firewalld too but problem exist:

Code: Select all

# firewall-cmd --list-all
public (active)
  target: default
  icmp-block-inversion: no
  interfaces: ens192
  sources: 
  services: http https ssh
  ports: 990/tcp 40000-50000/tcp
  protocols: 
  masquerade: no
  forward-ports: 
  source-ports: 
  icmp-blocks: 
  rich rules: 
 
How can I solve it?

Thank you.

hack3rcon
Posts: 710
Joined: 2014/11/24 11:04:37

Re: is it a SELinux problem?

Post by hack3rcon » 2020/08/25 12:47:51

More information:

Code: Select all

# cat modsec_audit.log
--1b44395e-H--
Apache-Error: [file "mod_autoindex.c"] [line 2329] [level 3] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php,index.php) found, and server-generated directory index forbidden by Options directive
Stopwatch: 1598359137900184 2090 (- - -)
Stopwatch2: 1598359137900184 2090; combined=49, p1=4, p2=35, p3=0, p4=0, p5=10, sr=0, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.9.2 (http://www.modsecurity.org/).
Server: Apache
Engine-Mode: "ENABLED"
And:

Code: Select all

# cat /etc/httpd/conf.d/wp.conf 
<VirtualHost *:80>
ServerAdmin root@localhost
ServerAlias www.mymy.net
DocumentRoot /var/www/wordpress
<Directory "/var/www/wordpress">
Options Indexes FollowSymLinks
AllowOverride all
Require all granted
</Directory>
ErrorLog /var/log/httpd/wordpress_error.log
CustomLog /var/log/httpd/wordpress_access.log common
</VirtualHost>
And:
I don't know why it look "/var/www/html/" !!!
Last edited by hack3rcon on 2020/08/25 17:18:05, edited 1 time in total.

hack3rcon
Posts: 710
Joined: 2014/11/24 11:04:37

Re: is it a SELinux problem?

Post by hack3rcon » 2020/08/25 16:50:28

Can it because of "mod_security" ?

Post Reply

Return to “CentOS 8 - Networking Support”