Failed to open stream: Permission denied [Apache]

Updated on March 15, 2022

Moved my local development files to the server after setting up Apache, PHP, and MySQL on my CentOS 7. When I tried to access one of the pages, noticed a “Failed to open stream: Permission denied” warning message in the error_log file. Below is the complete warning message:

[Wed Nov 17 10:57:29.268675 2021] [php:warn] [pid 13672] [client] PHP Warning: include_once(/var/www/html/admin/includes/functions.php): Failed to open stream: Permission denied in /var/www/html/admin/includes/header.php on line 21

Checked the file permissions and ownership. All files in the DocumentRoot are owned by apache user and are having the read and write permissions to the files and the directory.

How to solve the “Failed to open stream: Permission denied” warning

On CentOS 7, SELinux is enabled by default. SELinux improves server security by restricting and defining how a server processes requests and users interact with sockets, network ports, and essential directories.  SELinux may create problems in accessing or writing files or directories into DocumentRoot as below:

  • Can’t serve files on the directory
  • Can’t write to file

It is not recommended to disable SELinux for security reasons as you will be allowing the entire system to be compromised. However, you should update the SELinux policy to allow read and writing on specific directories. Below is the complete set of commands to set up SELinux policies to allow apache user to read and write to specific directories under webroot.

First re-establish the SELinux context
# restorecon -Rv /var/www/html

Change the owner of the webroot
# chown -R apache:apache /var/www/html

Change the basic permissions
# chmod -R g+w /var/www/html
# chmod g+s /var/www/html

Establish the SELinux permissions

Make all files read only
# chcon -R -t httpd_sys_content_t /var/www/html/

Only allow write on uploads dir
#chcon -R -t httpd_sys_rw_content_t /var/www/html/uploads

That’s It!

Was this article helpful?

Related Articles

Leave a Comment