Tag Archives: Apache

Fixing 404 Errors on WordPress with Let’s Encrypt

Since my SSL cert was nearing expiration, I thought it would be a good idea to give Let’s Encrypt (free SSL certs!) a try.

Let’s Encrypt has a helper app called certbot that will configure Apache for you automatically. The really nice thing about certbot is that it will also (via crontab) renew your cert and configure Apache to use the new cert. This is useful, since Let’s Encrypt certs expire every 90 days.

To use certbot effectively, you need an Apache configuration that’s setup the way your distro expects. Mine was not (I hand ported the configs from Ubuntu), so I figured it was a good time to reinstall Apache with the default configs, then run certbot (official instructions here: https://certbot.eff.org/ ).

This initially seemed to work great, but I quickly noticed all of my subpages returned 404 errors. WordPress works best when you allow it to configure a .htaccess file to do URL rewrites. Allowing URL rewrites via .htaccess requires some additional configuration in your ssl.conf file.

sudo nano /etc/httpd/conf.d/ssl.conf

Add the following just before </VirtualHost> at the very end of your config.

<Directory /var/www/html/>
Options FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
</Directory>

Thanks to Mike McMurray who posted the instructions at: https://mike.mcmurray.co.nz/2017/01/08/wordpress-permalink-404-with-https/

 

SELinux ACLs with Apache

A quick reminder to myself (and you if you’ve come across my little site) to change SELinux file ACLs when uploading new files to be served by Apache (httpd) on Centos.

Yesterday I linked to some Radeon drivers in my http://www.shernet.com/windows/ati-radeon-mobility-x1400-on-windows-10/ post.

However, the linked zip file was showing ‘Access Denied’ errors, despite the correct filesystem permissions.

I had forgotten to also mark the file as something httpd should have access to on Centos as far as SELinux was concerned.

Without further ado, it simply took:

sudo chcon -v -t httpd_sys_content_t uploaded_file.ext