WordPress admin page not working on stock CentOS 7 install using Stackscript

Linode Staff

After installing CentOS 7 using this WordPress StackScript, I am unable to connect to my admin page. I haven't configured any DNS yet, but should be able to access the WordPress admin page over my IP address. I have tried allowing the http service through my firewall with

sudo firewall-cmd --zone=public --add-service=http --permanent
sudo firewall-cmd --reload

to no avail. What could be causing the issue?

2 Replies

I just tested this StackScript myself and those commands should have worked. Have the rules definitely been applied? You can check that 'http' is an added service by running this:

sudo firewall-cmd --list-all

You can try stopping firewalld outright as a test. Start it again after testing.

sudo systemctl stop firewalld
#Browse to your Linode's IP address, then..
sudo systemctl start firewalld

Also check if Apache started up properly and is listening for connections on port 80 too:

sudo systemctl status httpd -l
sudo ss -plntu | column -t

Lastly what page do you see when browsing to the IP address?

I have gone ahead and created a Linode using the provided StackScript and I can confirm that I had the same trouble - I could not connect to the WordPress admin site using my IP address. There are a couple of things I noticed immediately after installing the default image:

1 - The firewall rule for http is not enabled
2 - httpd is set to listen on all interfaces, but it's not working

While the commands listed in your question should open port 80 in your firewall, it has been my own experience that the --add-service=<service name> flag with firewall-cmd does not always seem to work correctly, however --add-port=<port number/protocol> seems to work quite well. In my own setup, what I found was that I was able to open the firewall ports by running the commands:

sudo firewall-cmd --zone=public --add-port=80/tcp --permanent
sudo firewall-cmd --reload

however once the firewall reloaded, I was still unable to connect to the WordPress site. My first thought was that since our latest images honor the distribution's default SELinux settings - which in CentOS 7 is to enforce SELinux policy - that this could be part of the issue, however disabling SELinux did not help (and in fact, the fix that I did find continued to work even with SELinux enabled) - so this was not the culprit.

The output of sudo netstat -plunt yielded a result which looked like this:

$sudo netstat -plunt
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      860/sshd
tcp6       0      0 :::80                   :::*                    LISTEN      11826/httpd
tcp6       0      0 :::22                   :::*                    LISTEN      860/sshd 

At first glance, it appears that the second entry (the first 'tcp6' entry) is telling us that httpd is only listening to port 80 on IPv6, but on Linux systems this line is actually a universal mapping for both IPv4 and IPv6 and indicates that httpd is listening to port 80 on all IP addresses assigned to an interface on your Linode, regardless of the addressing standard (see Apache's Guide on Binding to Addresses and Ports for reference).

I am still unclear as to why this did not work, however I did find that by adding separate entries to explicitly allow connections for all addresses on both IPv4 and IPv6, I was then able to load my WordPress admin page on IPv4 and IPv6 without any issue. To do this, you will need to edit /etc/httpd/conf/httpd.conf. In that file, you will find lines that look similar to the following:

#
# Listen: Allows you to bind Apache to specific IP addresses and/or
# ports, instead of the default. See also the <VirtualHost>
# directive.
#
# Change this to Listen on specific IP addresses as shown below to
# prevent Apache from glomming onto all bound IP addresses.
#
#Listen 12.34.56.78:80
Listen 80

If all you need is IPv4, you can change the uncommented line (the one without the '#') to say Listen 0.0.0.0:80. This will allow connections to your webserver (httpd/Apache), regardless of which IPv4 address is being used to access your site. If you host your site on a specific IPv4 address and would like to specify that the server only listen on that interface, you can substitute '0.0.0.0' with your IPv4 address. For example, if your IPv4 address was '12.34.56.78', the line would read:

Listen 12.34.56.78:80

This is the same as the example used in 'httpd.conf' (the commented line). The same applies to IPv6, however you need to put brackets around the address. If you wish to accept connections on all IPv6 interfaces, add the line:

Listen [::]:80

To listen only on a specific IPv6 address:

Listen [example:ipv6:address]:80

where 'example:ipv6:address' is the IPv6 address for the interface you would like httpd to listen on.

Regardless of the changes you make, don't forget to restart httpd after saving:

sudo systemctl restart httpd.service

I see that while I was working on this another response was added with some great troubleshooting advice, so hopefully between the two responses you will be able to find a resolution for your own setup. Just let us know if you are still having issues!

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Community Code of Conduct