How To Make PHP Curl Work on Linux

PHP developers usually use Curl to connect to the external network, but it could fail on Linux due to permission issue. For example, a PHP code snippet like this:

<?php
$title = urlencode("Ricky Martin");
$url = "http://en.wikipedia.org/w/api.php?format=json&action=query&titles=$title&prop=revisions&rvprop=content";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($ch, CURLOPT_USERAGENT, 'Example/1.0 (http://www.example.com/)');
$result = curl_exec($ch);
if (!$result) {
  echo curl_error($ch);
} else {
  var_dump($result);
}
?>

The above example was trying to connect to wikipedia, but Curl failed with the following error:

couldn't resolve host 'en.wikipedia.org'

It seems Curl was trying to resolve the domain name did not have the ability to do it. My first guess is that it's a permission issue of httpd.

Let's check SELinux boolean value of httpd

[root@www ~]# getsebool -a | grep httpd
...
httpd_can_network_connect --> off
...

There is a suspect permission called httpd_can_network_connect in the list, which could be the key to the problem.

Let's enable the permission.

[root@www ~]# setsebool -P httpd_can_network_connect on
[root@www ~]# getsebool -a | grep httpd
...
httpd_can_network_connect --> on
...

Don't forget to restart httpd after enabling.

[root@web ~]# service httpd restart
Stopping httpd:                                            [  OK  ]
Starting httpd:                                            [  OK  ]

Then, try the PHP code again, it's back to normal.

If you have already enabled httpd_can_network_connect, restarting httpd service could be helpful.

Leave a Reply

Your email address will not be published. Required fields are marked *