I’ve been maintaining my own web server for this WordPress blog for several years now, dating back to 2005 when I first starting using CentOS 4 to run my website. Those were the days I switched from authoring websites with Dreamweaver and FTP, to using WordPress and ditching those antiquated tools alltogether. Talking of antiquated, I’ve been working with Unix since 1992 and was a Linux sysadmin for an ISP for several years after that. I’ve also been learning along the way with each release of CentOS/RHEL, and I have taken much more notice of security hardening including the use of SELinux.
As an experiment, I posted a tweet last night merely mentioning SELinux which resulted in some predictable responses including:
…doesn’t everyone disable selinux at install? Usability vs security wins every time.
I really don’t blame them for disliking SELinux, it seems that is a majority opinion. But I hope to change that! If I can get it working and playing nicely with my WordPress site then so can you. The reason I use SELinux isn’t to make my life any more difficult (though that could be true at times!), but it helps me better understand the inner-workings of CentOS 7 better, while providing significant levels of security.
For the remainder of this guide, I will assume that you know how to use Vi or another text editor, and you have a basic understanding of the Linux operating system.
[Read more…] about Building a Secure WordPress server with LAMP on CentOS 7 and SELinux