On Mon, 2023-04-24 at 22:21 +0930, Tim via users wrote:
Samuel Sieb:
> > As someone else mentioned, why are you writing logs to the web
> > server
> > data directory? There's a directory (/var/log/httpd) that's
> > already
> > intended for that. The file context is most likely going to be
> > wrong, which is why selinux is (rightly) blocking it.
Patrick O'Callaghan:
> Why? Because being unfamiliar with Apache (and Certbot) I was
> foolishly
> following an online step-by-step guide:
>
>
https://www.linuxshelltips.com/install-apache-fedora-linux/
>
> I've since seen the error of my ways and it seems to be working
> now.
I'm a bit surprised at that site's recommendations. It's quite
different from info I've read before, and how the default Apache
install on Fedora is set up. My guess is that they've followed some
other example, and then just put "Fedora" into the text in a few key
places. It's surprising it doesn't also say, first switch off
SELinux.
Yes, it's that most dangerous thing: *nearly* right.
[...]
The *default* site being what's served if you don't request a
site by
a recognised hostname. But if you only have ONE site, it could be
the default one.)
That's probably related to Certbot wanting a virtual host.
Other examples suggest schemes like this:
/var/www/html/ (the default site)
/var/www/now-to-eat-pizza/ (one of your virtual sites)
/var/www/exercising-your-pet-rock/ (another of your virtual sites)
The whole /var/www/ is a bit odd, too. It's probably no more
variable
content than your own personal files. Other instructions advise
websites should be served from /srv/
There's all sorts of very different example suggestions, and some of
them are bad advice.
I see that.
poc