Manual Wordpress on SELinux

Install Apache, PHP and MariaDB:

yum install httpd  
service httpd start  
systemctl enable httpd.service

yum install php php-mysql php-gd php-pear

yum install mariadb-server  
systemctl enable mariadb.service  

Configure MariaDB:

/usr/bin/mysql_secure_installation

Download latest Wordpress version:

curl https://wordpress.org/latest.tar.gz --proxy=$http_proxy > latest.tar.gz  

Prevent write rights to Apache user:

chown -R root:apache *  

Create database and Wordpress user:

create database wordpress;

grant all on wordpress.* to wordpress@'%' identified by "<insert random generated and secure password here>"  

Update /etc/httpd/http.conf to allow .htaccess overrides (for url rewrite).

AllowOverride Options FileInfo  

Remove Options and enable FollowSymLinks (don't allow directory browsing).

Options None  
Options +FollowSymLinks  

Make sure Apache can connect to external networks (remember SELinux):

getsebool -a  
setsebool httpd_can_network_connect on  

Enable sendmail for http user.

setsebool -P httpd_can_sendmail on  

Enable write rights for wp-content folder and wp-config.php:

cd /var/www/html/  
chmod -R u+rwX,go+rX,o-w ./wp-content  
chmod -R u+rwX,go+rX,o-w ./wp-config.php  

Configure Envelope-From address for sendmail:

```
DirectoryIndex index.php Options None Options +FollowSymLinks

            php_admin_value mail.force_extra_parameters "-fx@x.com"
            AllowOverride Options FileInfo
            # Controls who can get stuff from this server file
            Order allow,deny
            Allow from all
    </Directory>
    <IfModule mpm_peruser_module>
            ServerEnvironment x x 
    </IfModule>