Apache 403 after /var/www backup

StackOverflow https://stackoverflow.com/questions/23189189

  •  06-07-2023
  •  | 
  •  

Question

I'm running a WordPress site on a RHEL server and I do backup every week for the WP MySQL database and the /var/www folder:

mysqldump -uroot -p******** blog -l -F > /bak/blog.sql
tar -jcpv -f /bak/www.tar.bz2 /var/www

The latest backup was done at 6 a.m. (UTC +8) this morning and I upgraded WP to 3.9 at 7. Some features were not compatible with 3.9, so I decided to roll back. I restored the database and the folder:

mysql -uroot -p blog < /bak/blog.sql
tar -jxv -f /bak/www.tar.bz2 -C /

and then the site gave me a 403. I restarted Apache and rebooted the server but it didn't help. The site was running before I upgraded WP, so I think the conf.s are the same before and after the backup/restore, therefore the problem might not be there. My homepage is redirect to my.si.te/blog/, and I can't visit a pure index.html at my.si.te/test/ (/var/www/html/test/) either. It's the same message: You don't have permission to access /(blog/test) on this server.

[Mon Apr 21 08:42:48 2014] [crit] [client 144.*.*.*] (13)Permission denied: /var/www/html/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable
[Mon Apr 21 08:42:56 2014] [crit] [client 157.*.*.*] (13)Permission denied: /var/www/html/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable
[Mon Apr 21 08:42:58 2014] [crit] [client 178.*.*.*] (13)Permission denied: /var/www/html/.htaccess pcfg_openfile: unable to check htaccess file, ensure it is readable, referer: http://my.si.te

What would be the problem and how can I fix it? Thanks!

Was it helpful?

Solution

The most straight way (reboot required): vim /etc/selinux/config (RedHat/CentOS), and set 

SELINUX=disabled

and reboot. Or keep the selinux with a warning msg (reboot needed still), vim selinux config, and set

SELINUX=permissive

Or an immediate command would be (temporary effect):

echo 0 > /selinux/enforce
# echo 1 > /selinux/enforce (put selinux back)

I choose to give the web files a pass and leave selinux on:

chcon -Rv --type=httpd_sys_content_t /var/www

If a Ghost blogging platform (blog.si.te) is running, an extra line may be needed:

setsebool -P httpd_can_network_connect 1
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top