Allow nginx to access a remote DB on a Centos

If you try to access a remote database with nginx or httpd server, you will have a connection problem with error code (13) even if mysql/mariadb client works well in command line. The reason for that is a security limitation set by default not allowing httpd servers sur connect a remote DB.

To disable this limitation and make all work, just type in the command line :

# setsebool -P httpd_can_network_connect 1

You can list all the existing flags for httpd by using getsebool

# getsebool -a | grep httpd

In case you expect SELinux to be the cause of your problem, you can enable / disable it with the following functions

# setenforce 1
# setenforce 0

If you need to check what is the permission missing for SELinux you can run the audit

# tail -100 /var/log/audit/audit.log | audit2allow


4 thoughts on “Allow nginx to access a remote DB on a Centos

  1. Thank you very much !!!
    Your one line command fixed my long trouble !!!
    You saved me from the deepest hell.

    I do hate SELinux….
    (To frankly speaking, this is my responsibility. I have to study for this.)


  2. Hi,

    You should use the command as follows:
    # setsebool -P httpd_can_network_connect 1
    If you don’t specify the -P option, everything will be lost after reboot.


Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.