Contents
What can SELinux be used for in Apache?
Used by Apache to generate and append to web application log files. Assign to a directory used by Apache for caching, if you are using mod_cache. For a complete list of context types for Apache, open the man page for Apache and SELinux.
Why does SELinux block Apache from loading files?
SELinux blocks Apache from loading content outside of default directories. Some files require for the application read and write access. By default, they cannot. Some directories require write access for uploading content.
How to keep your Apache web server secure?
Learn how to keep your Apache Web server secure by applying basic SELinux settings, including adjusting SELinux so Apache uses nondefault settings. The chances of having your Web servers hacked are real, but SELinux can be used to make sure that your website doesn’t suffer real damage.
Is it safe to use SELinux on a web server?
The chances of having your Web servers hacked are real, but SELinux can be used to make sure that your website doesn’t suffer real damage. You can use SELinux types to create an exact definition of what a service can do and where it can do it.
Why is SELinux enabled by default on CentOS 7?
On my installation of CentOS 7, SELinux is enabled by default. This is preventing Apache from properly reading PHP files in the standard /var/www/html document root (the browser is blank when displaying web pages containing PHP script). When I disable SELinux the pages display normally.
Why does SELinux block Apache from loading files outside of default directories?
SELinux blocks Apache from loading content outside of default directories. Some files require for the application read and write access. By default, they cannot. Some directories require write access for uploading content. By default, they cannot.
Why do I need to install SELinux on Red Hat?
SELinux can be very troublesome when deploying web applications on Red Hat while not using the default Apache directories, for either content or logs. Your application may need to be installed in a separate directory or maybe, for other reasons, you want to place your content somewhere else.