nginx suddenly can’t proxy to non-standard ports – Boolean SeLinux

Written by James McDonald

May 12, 2016

I did an upgrade recently and suddenly nginx wasn’t forwarding requests to remote hosts on non-standard ports…. this was on a CentOS host which had seLinux enabled.

Turn seLinux off temporarily

setenforce 0

Does nginx now work proxying to non-standard ports?

Turn it back on

setenforce 1

Does nginx now fail to proxy to non-standard ports?

If so you probably have a problem with seLinux denying access to nginx to forward requests to a non-standard port….

Get all your seLinux booleans

getsebool -a

If you need to create an seLinux policy to allow nginx to do what it does to non-standard ports… Then…. checkout my posting on audit2allow


Submit a Comment

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

The reCAPTCHA verification period has expired. Please reload the page.

You May Also Like…

Network speed test host to host

On Ubuntu / Debian apt-get install iperf3 On Windows download it from Make...

Clear HSTS Settings in CHrome

Open chrome://net-internals/#hsts enter the domain in the query field and click Query to confirm it has HSTS settings...