nginx suddenly can’t proxy to non-standard ports – Boolean SeLinux

Written by James McDonald

May 12, 2016

I did an upgrade recently and suddenly nginx wasn’t forwarding requests to remote hosts on non-standard ports…. this was on a CentOS host which had seLinux enabled.

Turn seLinux off temporarily

setenforce 0

Does nginx now work proxying to non-standard ports?

Turn it back on

setenforce 1

Does nginx now fail to proxy to non-standard ports?

If so you probably have a problem with seLinux denying access to nginx to forward requests to a non-standard port….

Get all your seLinux booleans

getsebool -a

If you need to create an seLinux policy to allow nginx to do what it does to non-standard ports… Then…. checkout my posting on audit2allow

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

You May Also Like…