I’m working with a Wordpress installation on my laptop (localhost/wordpress). People on the Wordpress forum are telling me that such a site should be able to contact wordpress.org and download updates, themes, etc. I’ve always thought I had to do it manually (download from wordpress.org to my download directly, unzip, and then copy it to my /var/www/html file.)
I don’t know how to configure WP to be able to do this. The WP forum tells me it’s not a WP configuration issue.
“WordPress does not need to be configured for this, but your system and your network do. You are obviously using a LAMP stack with Fedora. I would therefore recommend that you contact a Fedora community with your request where they can tell you what needs to be configured on their system.”
Is that right? What would I configure?
Apps like Firefox, Thunderbird, Gimp, even Fedora itself have “search for update” built and and just work.
I’ve got Apache, MariaDB, and Php installed on my computer, which is running Fedora 42.
Is there something I can do, once I have a wordpress site set up on my computer, to enable WP to “call home” and get updates and download plugins and themes?
When I go, e.g., to Plugins and click “Add New,” I get this error message:
"An unexpected error occurred. Something may be wrong with “WordPress.org or this server’s configuration. If you continue to have problems, please try the [support forums]”
I get the same error message when I go to Themes and click “Add theme.”
If I weren’t already using the latest version of WP, the Dashboard would have a link to “check for updates.”
(“Automatic updates” is a separate setting. You only turn that on if you don’t want to manually check for updates.)
I see. A pity it doesn’t give a more specific error message.
I wonder if something is going on with permissions and/or SELinux (e.g. the web server is forbidden to write files to the directory where it wants to put the themes), but I’m speculating.
Are there any accessible WP logs which are more explicit than the on-screen error message?
I only just learned that Fedora now runs SELinux as the default. I always thought it was an option for people with special security needs. Can I just disable SELinux?
A local-host is normally just local accessible. This means from your laptop to the address 127.0.0.1, on your computer. So if you access to wordpress.org, it will not find the way back to the address alias, it has not the necessary permissions to do so.
You can test this while accessing from a other computer in your netowrk to acces to the laptop typing the IP-Address from it (ex. 192.168.1.1/wordpress). If this not works, you webserver is not configured to serve a local network nor over the internet.
Personally though, running a webserver on my local machine is the kind of case where I would want to have SELinux enabled as a protection against escape.
It might be worth checking whether you’re actually seeing any SELinux failures that are implicated in your Wordpress issues?
You can see recent denials by doing for example sudo ausearch -m avc -ts today
Don’t know for sure, but I suspect the wordpress.org server just participates in a normal HTTPS session initiated by the client, rather than trying to initiate a new session. i.e. OP’s laptop just needs to be able to “phone out” to the internet - it doesn’t require wordpress.org to “phone in” to the laptop.
So that’s separate from the question of whether the laptop can successfully serve pages to other machines on the LAN or internet.
For example, I just successfully posted this message, but discussion.fedoraproject.org doesn’t need to know that my LAN address is 192.168.123.45 in order for that to work successfully.
The apache config is responsible which access you have. I really doubt that when the OP just can access localhost 127.0.0.1, that the server it selves will be able to have access to the internet. Because it is just accesible from the localhost and not even from a other device in the local network. I remember that this was always default in apache. Especially if you not configured it further.
" You can see recent denials by doing for example `sudo ausearch -m avc -ts today"
I’ve got hundreds of them, going back to Apr 29. Today’s started at 10:48 and continued every two minutes or so right up until I ran the command, at 13:30. How do I interpret this? It’s above my pay grade.
Thanks
time->Sat May 3 13:28:21 2025
type=AVC msg=audit(1746293301.885:741): avc: denied { name_connect } for pid=1824 comm=“php-fpm” dest=80 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:http_port_t:s0 tclass=tcp_socket permissive=0
@federich can you please give information about your system? You not gave any hint, you could actualize the tags in your title, to see the version of Fedora and if you are using it on a Workstation etc.
Thanks. I’ll check that.
I may just have to stick with manually downloading to Downloads and the copying to my wordpress install. At least that works (most of the time).
You can just download the wordpress-latest.tar.gz archive from wordpress.org and extract it somewhere like /opt/wordpress. However, you would need to add a SELinux rule for it such as the following.
You would also need to adjust /etc/httpd/cond.d/wordpress.conf accordingly. For example:
<Location "/">
SSLRequireSSL
</Location>
<VirtualHost *:80>
ServerName wordpress.example.com
</VirtualHost>
<VirtualHost *:443>
ServerName wordpress.example.com
Include conf/my-ssl-settings.conf
DocumentRoot "/opt/wordpress"
<Directory /opt/wordpress>
AllowOverride all
Require all granted
</Directory>
<Directory /opt/wordpress/wp-content/uploads>
# Deny access to any php file in the uploads directory
<FilesMatch "\.(php|phar)$">
Require all denied
</FilesMatch>
</Directory>
<Directory /opt/wordpress/wp-content/plugins/akismet>
# Deny access to any php file in the akismet directory
<FilesMatch "\.(php|txt)$">
Require all denied
</FilesMatch>
</Directory>
</VirtualHost>
Edit: Hmm, the required SELinux rules might be a bit more complex that I realized. This is what /usr/share/wordpress shows. You might need to match that for /opt/wordpress.
Thanks. I’m afraid that’s well beyond my capacities. I don’t know why the correspondent on the Wordpress forum made it seem like I was missing some quite simple. He probably runs a full-blown development site and writes scripts in his sleep.
I downloaded master branch from WordPress git and have a systemd script to auto-update it on Fedora Server (notes); file/DB backups automated too, and SELinux context httpd_sys_rw_content_t on the files.
I have updates handled via Git instead of through WordPress. On Windows I have WP_AUTO_UPDATE_COREfalse so WP doesn’t try to update/check on its own.
I use nginx, but I’m thinking the files can still be Git managed the same way and a user/group change for Apache.
On wp-admin/site-health.php on Windows host I get:
The REST API encountered an error Performance
Background updates are not working as expected Security
Your site could not complete a loopback request Performance
None of that (afaik) affects Git-side updates and my blog is visible. I never saw those from Linux hosts and iirc the loopback thing is something Windows-specific with config (not sure on specifics but my blog is still viewable )
I think REST controls pings to external blog trackers; I’m only concerned with my blog rendering on direct page views.
I run a few websites like that (DokuWiki, Piwigo, Joomla; daily Git pulls from main/master upstream as-is). Those and WP get the same procedures and it works similar enough to mostly copy/paste the same notes, cross-OS.
For WP I don’t use any plugins, and use an included theme (they’re also updated upstream within WP’s repo), currently Twenty Twenty-Five (my blog).
)