SElinux: allow httpd to connect to a specific port

by

By default, the SELinux policy will only allow services access to recognized ports associated with those services:

# semanage port -l | egrep '(^http_port_t|6379)'
http_port_t                    tcp      80, 81, 443, 488, 8008, 8009, 8443, 9000
# curl http://localhost/redis.php
Cannot connect to redis server.

– add Redis port (6379) to SELinux policy

# semanage port -a -t http_port_t -p tcp 6379
# semanage port -l | egrep '(^http_port_t|6379)'
http_port_t                    tcp      6379, 80, 81, 443, 488, 8008, 8009, 8443, 9000
# curl http://localhost/redis.php
Connected successfully.

You can also install setroubleshoot-server RPM and run: sealert -a /var/log/audit/audit.log – it will give you a nice report with useful suggestions (including command above).

PHP script to test connection:

# cat redis.php 
<?php

$redis=new Redis();
$connected= $redis->connect('127.0.0.1', 6379);

if(!$connected) {
        die( "Cannot connect to redis server.\n" );
}

echo "Connected successfully.\n";

?>

Related Contents:

  1. How do I enable apache modules from the command line in RedHat?
  2. How do I get SELinux to allow Apache and Samba on the same folder?
  3. Is it possible to generate RSA key without pass phrase?
  4. What does Apache’s “Require all granted” really do?
  5. Apache2 config variable is not defined
  6. Apache Default/Catch-All Virtual Host?
  7. How to redirect root and only root via htaccess?
  8. How much of a performance hit for https vs http for apache?
  9. How can I tell which config file Apache is using?
  10. Configuring Apache2 to proxy WebSocket?
  11. Simple apache2 redirect from one domain to another
  12. Apache ab: please explain the output
  13. Enabling mod_headers on apache2
  14. How do I cleanly remove apache2 server on ubuntu server and then reinstall?
  15. Why is Nginx so fast?
  16. Why not use a WAMP stack?
  17. Generate .key and .crt from PKCS12 file?
  18. Optimal values for ServerLimit, MaxClients, MaxRequestsPerChild directives
  19. How to dump entire HTTP requests with apache
  20. .htaccess is ignored even though VirtualHost has “AllowOverride All”
  21. Apache2 Proxy timeout
  22. Conflict between SNI and HTTP provided domains
  23. Resolving to virtual host very slow on Mac OS X Lion
  24. Oops, no RSA or DSA server certificate found for ‘server.host.name:0’?
  25. Can you use Redirect and Proxypass at the same time
  26. Command line tools to analyze Apache log files [closed]
  27. Display Apache Configuration
  28. Can you determine which Apache modules have been used and can be removed?
  29. How do I configure the default virtual host return a 404 header in apache?
  30. Why is Apache running so many processes? Excessive RAM here?
  31. ProxyPass: Redirect directory URL to non-standard port
  32. ApacheBenchmark ab – SSL read failed – closing connection
  33. Invalid command ‘VirtualDocumentRoot’
  34. Should you edit/delete the default apache site config?
  35. Apache: Isn’t chmod 755 enough to set up symlink or alias on Apache httpd on Mac OS 10.5?
  36. Apache: Scammers point dozens of domain names at my dedicated IP. How to prevent this?
  37. Can I define HTTP and HTTPS in the same VirtualHost in Apache conf?
  38. How do I set default umask in Apache on Debian?
  39. How to detect in PHP, if it is running on Apache, Nginx or some other webserver? [closed]
  40. Deploying Django App with Nginx, Apache, mod_wsgi
  41. Apache says DocumentRoot doesn’t exist when it does
  42. How to disable TLS 1.1 & 1.2 in Apache?
  43. How can I enable mod_rewrite in apache on Ubuntu?
  44. Disable modsecurity For a Specific Directory
  45. How to set apache virtualhost to work with ipv6?
  46. Why is https not working?
  47. How to avoid restarting Apache proxy when you restart CouchDB
  48. Can Apache conditionally perform a rewrite from a custom http header?
  49. How do I set proper Headers for JSON in Apache?
  50. Akward delay to connect Apache’s proxy request to a node.js App

Leave a Comment