I did an upgrade recently and suddenly nginx wasn’t forwarding requests to remote hosts on non-standard ports…. this was on a CentOS host which had seLinux enabled.
Turn seLinux off temporarily
setenforce 0
Does nginx now work proxying to non-standard ports?
Turn it back on
setenforce 1
Does nginx now fail to proxy to non-standard ports?
If so you probably have a problem with seLinux denying access to nginx to forward requests to a non-standard port….
Get all your seLinux booleans
getsebool -a
If you need to create an seLinux policy to allow nginx to do what it does to non-standard ports… Then…. checkout my posting on audit2allow
0 Comments