nginx suddenly can’t proxy to non-standard ports – Boolean SeLinux

Written by James McDonald

May 12, 2016

I did an upgrade recently and suddenly nginx wasn’t forwarding requests to remote hosts on non-standard ports…. this was on a CentOS host which had seLinux enabled.

Turn seLinux off temporarily

setenforce 0

Does nginx now work proxying to non-standard ports?

Turn it back on

setenforce 1

Does nginx now fail to proxy to non-standard ports?

If so you probably have a problem with seLinux denying access to nginx to forward requests to a non-standard port….

Get all your seLinux booleans

getsebool -a

If you need to create an seLinux policy to allow nginx to do what it does to non-standard ports… Then…. checkout my posting on audit2allow

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

The reCAPTCHA verification period has expired. Please reload the page.

You May Also Like…

Meraki Open Source Licenses

Until today I assumed that Meraki was built in-house with only closed source software. But having a look at the...

VEEAM FAILS

If you have Veeam backup failing with the Updating BCD failed with Cannot update SafeBoot flag and SentinelOne is...