Table of Contents

  1. Change webroot of Apache server
    1. Step 1. Choose method below
      1. Option 1. Change webroot in httpd configuration
      2. Option 2. Create symlink to new webroot ( no config changes required )
    2. Step 2. Change file label using SELinux
    3. Step 3. Test
  2. Allow different port for http using Selinux
    1. Step 1. Change port label for http using semanage
    2. Step 2 ( optional). add port in firewall

Change webroot of Apache server

Step 1. Choose method below

Option 1. Change webroot in httpd configuration

  • Open /etc/httpd/httpd.conf

  • Change “DocumentRoot” to file location of new webroot

  • Change “Directory” to location of new webroot

  • reload httpd

Example Configuration


DocumentRoot "/webfiles"

<Directory "/webfiles">
    AllowOverride None
    # Allow open access:
    Require all granted
</Directory>

Option 2. Create symlink to new webroot ( no config changes required ) 

# Make sure new webroot has httpd_sys_content_t port label applied
rm -rf /var/www/html
sudo ln -s /webroot /var/www/html

Step 2. Change file label using SELinux

Note: New webroot must have port label changed to the following to work

sudo semanage fcontext -a -t httpd_sys_content_t "/new/webroot(/.*)?"
sudo restorecon -Rv /data/share

Step 3. Test

  • Once you have made your changes , test if the changes worked by using curl
curl http://localhost:80

Allow different port for http using Selinux

Step 1. Change port label for http using semanage 

semanage port -a -t http_port_t -p tcp 81 # Use any alternate port number here

Step 2 ( optional). add port in firewall

If you have not done so already , make sure the new port you would like to use has been allowed through your firewall

firewall-cmd --add-port=<new-port-here> --permanent && firewall-cmd --reload