WordPress admin page not working on stock CentOS 7 install using Stackscript
After installing CentOS 7 using this WordPress StackScript, I am unable to connect to my admin page. I haven't configured any DNS yet, but should be able to access the WordPress admin page over my IP address. I have tried allowing the http service through my firewall with
sudo firewall-cmd --zone=public --add-service=http --permanent
sudo firewall-cmd --reload
to no avail. What could be causing the issue?
I just tested this StackScript myself and those commands should have worked. Have the rules definitely been applied? You can check that 'http' is an added service by running this:
sudo firewall-cmd --list-all
You can try stopping firewalld outright as a test. Start it again after testing.
sudo systemctl stop firewalld
#Browse to your Linode's IP address, then..
sudo systemctl start firewalld
Also check if Apache started up properly and is listening for connections on port 80 too:
sudo systemctl status httpd -l
sudo ss -plntu | column -t
Lastly what page do you see when browsing to the IP address?
I have gone ahead and created a Linode using the provided StackScript and I can confirm that I had the same trouble - I could not connect to the WordPress admin site using my IP address. There are a couple of things I noticed immediately after installing the default image:
1 - The firewall rule for http is not enabled
2 - httpd is set to listen on all interfaces, but it's not working
While the commands listed in your question should open port 80 in your firewall, it has been my own experience that the
--add-service=<service name> flag with firewall-cmd does not always seem to work correctly, however
--add-port=<port number/protocol> seems to work quite well. In my own setup, what I found was that I was able to open the firewall ports by running the commands:
sudo firewall-cmd --zone=public --add-port=80/tcp --permanent
sudo firewall-cmd --reload
however once the firewall reloaded, I was still unable to connect to the WordPress site. My first thought was that since our latest images honor the distribution's default SELinux settings - which in CentOS 7 is to enforce SELinux policy - that this could be part of the issue, however disabling SELinux did not help (and in fact, the fix that I did find continued to work even with SELinux enabled) - so this was not the culprit.
The output of
sudo netstat -plunt yielded a result which looked like this:
$sudo netstat -plunt
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 860/sshd
tcp6 0 0 :::80 :::* LISTEN 11826/httpd
tcp6 0 0 :::22 :::* LISTEN 860/sshd
At first glance, it appears that the second entry (the first 'tcp6' entry) is telling us that httpd is only listening to port 80 on IPv6, but on Linux systems this line is actually a universal mapping for both IPv4 and IPv6 and indicates that httpd is listening to port 80 on all IP addresses assigned to an interface on your Linode, regardless of the addressing standard (see Apache's Guide on Binding to Addresses and Ports for reference).
I am still unclear as to why this did not work, however I did find that by adding separate entries to explicitly allow connections for all addresses on both IPv4 and IPv6, I was then able to load my WordPress admin page on IPv4 and IPv6 without any issue. To do this, you will need to edit
/etc/httpd/conf/httpd.conf. In that file, you will find lines that look similar to the following:
# Listen: Allows you to bind Apache to specific IP addresses and/or
# ports, instead of the default. See also the <VirtualHost>
# Change this to Listen on specific IP addresses as shown below to
# prevent Apache from glomming onto all bound IP addresses.
If all you need is IPv4, you can change the uncommented line (the one without the '#') to say
Listen 0.0.0.0:80. This will allow connections to your webserver (httpd/Apache), regardless of which IPv4 address is being used to access your site. If you host your site on a specific IPv4 address and would like to specify that the server only listen on that interface, you can substitute '0.0.0.0' with your IPv4 address. For example, if your IPv4 address was '220.127.116.11', the line would read:
This is the same as the example used in 'httpd.conf' (the commented line). The same applies to IPv6, however you need to put brackets around the address. If you wish to accept connections on all IPv6 interfaces, add the line:
To listen only on a specific IPv6 address:
where 'example:ipv6:address' is the IPv6 address for the interface you would like httpd to listen on.
Regardless of the changes you make, don't forget to restart httpd after saving:
sudo systemctl restart httpd.service
I see that while I was working on this another response was added with some great troubleshooting advice, so hopefully between the two responses you will be able to find a resolution for your own setup. Just let us know if you are still having issues!