crispee

Forum Replies Created

Viewing 4 replies - 1 through 4 (of 4 total)
  • crispee

    (@crispee)

    For what it’s worth 11 months later, the original poster was asking about enabling the debug log level in apache. For example in apache 2.2 you would use this directive:
    https://httpd.apache.org/docs/2.2/mod/core.html#loglevel
    So you would edit your httpd.conf or apache2.conf or your virtual host config file and add the directive in there: LogLevel debug
    restart apache and watch your error_log file fill up, this log file is usually in /var/log/apache2 or /var/log/httpd depending on your OS and apache version.

    I apologize for reviving an old thread, I should have just let it die, but sometimes I see people use “Disable SELinux” as a solution and it just grinds my gears.
    @applista so what you’re saying is that I should disable SELinux because WordPress is already full of holes…I have no reply to that, it speaks for itself. ??
    I agree with ClaytonJames, SELinux has come a long way, and is actually fairly easy to manage.
    This will show you httpd related booleans:
    getsebool -a |grep httpd
    Since WordPress connects to a db, which hopefully in production doesn’t run on the same server than you will need to turn on:
    setsebool -P httpd_can_network_connect_db 1
    Funny enough if you just use repositories like epel to install wordpress you won’t have to do much.
    Anyway, hopefully at least maybe the next person isn’t just going to chmod 777, chown -R apache.pache and setenforce 0 everything, and will reconsider after reading this. ??

    And an even worse idea is to permanently disable SELinux!! Never do this! Take the time to read about SELinux and how to set the rules, it is in place to protect your server (esp from users like Applista), it will log everything that is being caught in /var/log/audit/audit.log and if you have setroubleshoot installed it will log to /var/log/messages with simple sealert solutions.
    SE stands for Security Enhanced, if you turn it off, it IS exactly like disabling a firewall (a security system) to allow the flow of data.

    I know this is a few months old, but doing
    setenforce 0
    Is not a solution! It should only be used as a temporary test. There are many good howtos out there in dealing with WP and SELinux. At worst disable it only temporarily to do your WP update, turn it back on after.

    This is like disabling the firewall on a windows server so that you can RDP into it. (it will work but it is not a good idea)

Viewing 4 replies - 1 through 4 (of 4 total)