diff --git a/Installation-on-Red-Hat-with-SELinux.md b/Installation-on-Red-Hat-with-SELinux.md
new file mode 100644
index 0000000..c08a3e6
--- /dev/null
+++ b/Installation-on-Red-Hat-with-SELinux.md
@@ -0,0 +1,235 @@
+This tutorial on how to install httpd, php70 and ZeroBin on a minimal red hat or CentOS 7 installation was provided by [@pozzo-balbi](https://github.com/pozzo-balbi) and was originally published at [pozzo-balbi.com/help/Zerobin](https://www.pozzo-balbi.com/help/Zerobin).
+
+## Prerequisits
+
+Assuming you are running a VM with minimal installation, you will need to install the following. First php in the latest version and httpd.
+
+ rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm
+ yum -y install php70w php70w-opcache php70w-gd php70w-intl php70w-mbstring php70w-mcrypt php70w-xml httpd httpd-tools
+
+Update php.ini:
+
+ sed -i 's/expose_php = On/expose_php = Off/' /etc/php.ini
+ sed -i 's/;cgi.fix_pathinfo=1/cgi.fix_pathinfo=0/' /etc/php.ini
+ sed -i 's/;date.timezone =/date.timezone = Europe\/Berlin/' /etc/php.ini
+ sed -i 's/;mail.log = syslog/mail.log = syslog/' /etc/php.ini
+ sed -i 's/;realpath_cache_size = 16k/realpath_cache_size = 256k/' /etc/php.ini
+ sed -i 's/;realpath_cache_ttl = 120/realpath_cache_ttl = 1200/' /etc/php.ini
+
+Now customize httpd. Remove unnecessary modules (for ZeroBin) from `/etc/httpd/conf.modules.d`. Uncomment as needed.
+
+00-base.conf:
+
+ LoadModule access_compat_module modules/mod_access_compat.so
+ #Group authorizations based on host (name or IP address)
+ #LoadModule actions_module modules/mod_actions.so #Execute CGI scripts based on media type or request method.
+ #LoadModule alias_module modules/mod_alias.so #Provides for mapping different parts of the host filesystem in the document tree and for URL redirection
+ #LoadModule allowmethods_module modules/mod_allowmethods.so #Easily restrict what HTTP methods can be used on the server
+ #LoadModule auth_basic_module modules/mod_auth_basic.so #Basic HTTP authentication
+ #LoadModule auth_digest_module modules/mod_auth_digest.so #User authentication using MD5 Digest Authentication
+ #LoadModule authn_anon_module modules/mod_authn_anon.so #Allows "anonymous" user access to authenticated areas
+ #LoadModule authn_core_module modules/mod_authn_core.so #Core Authentication
+ #LoadModule authn_dbd_module modules/mod_authn_dbd.so #User authentication using an SQL database
+ #LoadModule authn_dbm_module modules/mod_authn_dbm.so #User authentication using DBM files
+ #LoadModule authn_file_module modules/mod_authn_file.so #User authentication using text files
+ #LoadModule authn_socache_module modules/mod_authn_socache.so #Manages a cache of authentication credentials to relieve the load on backends
+ LoadModule authz_core_module modules/mod_authz_core.so
+ #Core Authorization
+ #LoadModule authz_dbd_module modules/mod_authz_dbd.so #Group Authorization and Login using SQL
+ #LoadModule authz_dbm_module modules/mod_authz_dbm.so #Group authorization using DBM files
+ #LoadModule authz_groupfile_module modules/mod_authz_groupfile.so #Group authorization using plaintext files
+ #LoadModule authz_host_module modules/mod_authz_host.so #Group authorizations based on host (name or IP address)
+ #LoadModule authz_owner_module modules/mod_authz_owner.so #Authorization based on file ownership
+ #LoadModule authz_user_module modules/mod_authz_user.so #User Authorization
+ #LoadModule autoindex_module modules/mod_autoindex.so #Generates directory indexes, automatically, similar to the Unix ls command or the Win32 dir shell command
+ LoadModule cache_module modules/mod_cache.so
+ #RFC 2616 compliant HTTP caching filter.
+ LoadModule cache_disk_module modules/mod_cache_disk.so
+ #Disk based storage module for the HTTP caching filter.
+ LoadModule data_module modules/mod_data.so
+ #Convert response body into an RFC2397 data URL
+ #LoadModule dbd_module modules/mod_dbd.so #Manages SQL database connections
+ LoadModule deflate_module modules/mod_deflate.so
+ #Compress content before it is delivered to the client
+ LoadModule dir_module modules/mod_dir.so
+ #Provides for "trailing slash" redirects and serving directory index files
+ #LoadModule dumpio_module modules/mod_dumpio.so #Dumps all I/O to error log as desired.
+ #LoadModule echo_module modules/mod_echo.so #A simple echo server to illustrate protocol modules
+ #LoadModule env_module modules/mod_env.so #Modifies the environment which is passed to CGI scripts and SSI pages
+ LoadModule expires_module modules/mod_expires.so
+ #Generation of Expires and Cache-Control HTTP headers according to user-specified criteria
+ #LoadModule ext_filter_module modules/mod_ext_filter.so #Pass the response body through an external program before delivery to the client
+ #LoadModule filter_module modules/mod_filter.so #Context-sensitive smart filter configuration module
+ LoadModule headers_module modules/mod_headers.so
+ #Customization of HTTP request and response headers
+ #LoadModule include_module modules/mod_include.so #Server-parsed html documents (Server Side Includes)
+ #LoadModule info_module modules/mod_info.so #Provides a comprehensive overview of the server configuration
+ LoadModule log_config_module modules/mod_log_config.so
+ #Logging of the requests made to the server
+ #LoadModule logio_module modules/mod_logio.so #Logging of input and output bytes per request
+ #LoadModule mime_magic_module modules/mod_mime_magic.so #Determines the MIME type of a file by looking at a few bytes of its contents
+ LoadModule mime_module modules/mod_mime.so
+ #Associates the requested filename's extensions with the file's behavior (handlers and filters) and content (mime-type, language, character set and encoding)
+ #LoadModule negotiation_module modules/mod_negotiation.so #Provides for content negotiation
+ LoadModule remoteip_module modules/mod_remoteip.so
+ #Replaces the original client IP address for the connection with the useragent IP address list presented by a proxies or a load balancer via the request headers.
+ #LoadModule reqtimeout_module modules/mod_reqtimeout.so #Set timeout and minimum data rate for receiving requests
+ LoadModule rewrite_module modules/mod_rewrite.so
+ #Provides a rule-based rewriting engine to rewrite requested URLs on the fly
+ #LoadModule setenvif_module modules/mod_setenvif.so #Allows the setting of environment variables based on characteristics of the request
+ #LoadModule slotmem_plain_module modules/mod_slotmem_plain.so #Slot-based shared memory provider.
+ #LoadModule slotmem_shm_module modules/mod_slotmem_shm.so #Slot-based shared memory provider.
+ #LoadModule socache_dbm_module modules/mod_socache_dbm.so #DBM based shared object cache provider.
+ #LoadModule socache_memcache_module modules/mod_socache_memcache.so #Memcache based shared object cache provider.
+ LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
+ #shmcb based shared object cache provider.
+ #LoadModule status_module modules/mod_status.so #Provides information on server activity and performance
+ #LoadModule substitute_module modules/mod_substitute.so #Perform search and replace operations on response bodies
+ #LoadModule suexec_module modules/mod_suexec.so #Allows CGI scripts to run as a specified user and Group
+ LoadModule unique_id_module modules/mod_unique_id.so
+ #Provides an environment variable with a unique identifier for each request
+ LoadModule unixd_module modules/mod_unixd.so
+ #Basic (required) security for Unix-family platforms.
+ #LoadModule userdir_module modules/mod_userdir.so #User-specific directories
+ #LoadModule version_module modules/mod_version.so #Version dependent configuration
+ #LoadModule vhost_alias_module modules/mod_vhost_alias.so #Provides for dynamically configured mass virtual hosting
+
+ #LoadModule buffer_module modules/mod_buffer.so #Support for request buffering
+ #LoadModule watchdog_module modules/mod_watchdog.so #provides infrastructure for other modules to periodically run tasks
+ #LoadModule heartbeat_module modules/mod_heartbeat.so #Sends messages with server status to frontend proxy
+ #LoadModule heartmonitor_module modules/mod_heartmonitor.so #Centralized monitor for mod_heartbeat origin servers
+ #LoadModule usertrack_module modules/mod_usertrack.so #Clickstream logging of user activity on a site
+ #LoadModule dialup_module modules/mod_dialup.so #Send static content at a bandwidth rate limit, defined by the various old modem standards
+ #LoadModule charset_lite_module modules/mod_charset_lite.so #Specify character set translation or recoding
+ #LoadModule log_debug_module modules/mod_log_debug.so #Additional configurable debug logging
+ #LoadModule ratelimit_module modules/mod_ratelimit.so #Bandwidth Rate Limiting for Clients
+ #LoadModule reflector_module modules/mod_reflector.so #Reflect a request body as a response via the output filter stack.
+ #LoadModule request_module modules/mod_request.so #Filters to handle and make available HTTP request bodies
+ #LoadModule sed_module modules/mod_sed.so #Filter Input (request) and Output (response) content using sed syntax
+ #LoadModule speling_module modules/mod_speling.so #Attempts to correct mistaken URLs by ignoring capitalization, or attempting to correct various minor misspellings.
+
+00-dav.conf:
+
+ #LoadModule dav_module modules/mod_dav.so
+ #LoadModule dav_fs_module modules/mod_dav_fs.so
+ #LoadModule dav_lock_module modules/mod_dav_lock.so
+
+00-lua.conf:
+
+ #LoadModule lua_module modules/mod_lua.so
+
+00-proxy.conf:
+
+ #LoadModule proxy_module modules/mod_proxy.so
+ #LoadModule lbmethod_bybusyness_module modules/mod_lbmethod_bybusyness.so
+ #LoadModule lbmethod_byrequests_module modules/mod_lbmethod_byrequests.so
+ #LoadModule lbmethod_bytraffic_module modules/mod_lbmethod_bytraffic.so
+ #LoadModule lbmethod_heartbeat_module modules/mod_lbmethod_heartbeat.so
+ #LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
+ #LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
+ #LoadModule proxy_connect_module modules/mod_proxy_connect.so
+ #LoadModule proxy_express_module modules/mod_proxy_express.so
+ #LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so
+ #LoadModule proxy_fdpass_module modules/mod_proxy_fdpass.so
+ #LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
+ #LoadModule proxy_http_module modules/mod_proxy_http.so
+ #LoadModule proxy_scgi_module modules/mod_proxy_scgi.so
+
+01-cgi.conf:
+
+
+ # LoadModule cgid_module modules/mod_cgid.so
+
+
+ # LoadModule cgid_module modules/mod_cgid.so
+
+
+ # LoadModule cgi_module modules/mod_cgi.so
+
+
+Next adjust settings for modules in /etc/httpd/conf.d .
+
+ mv /etc/httpd/conf.d/autoindex.conf /etc/httpd/conf.d/autoindex.conf.orig
+ mv /etc/httpd/conf.d/userdir.conf /etc/httpd/conf.d/userdir.conf.orig
+ touch /etc/httpd/conf.d/autoindex.conf
+ touch /etc/httpd/conf.d/userdir.conf
+
+Last but not least configure Apache httpd itself.
+
+ cd /etc/httpd/conf
+ cp httpd.conf httpd.conf.orig
+ #sed -i 's/ServerAdmin root@localhost/ServerAdmin youremail@example.com/' /etc/httpd/conf/httpd.conf # change against your email if needed
+ sed -i 's/Listen 80/Listen 0.0.0.0:80/' /etc/httpd/conf/httpd.conf
+ sed -i 's/LogLevel warn/LogLevel error/' /etc/httpd/conf/httpd.conf
+ sed -i 's/#EnableMMAP off/EnableMMAP on/' /etc/httpd/conf/httpd.conf
+ #echo -e "ServerSignature off\nServerTokens Prod\nExtendedStatus Off\nStartServers 10\nMinSpareServers 1\nMaxSpareServers 2\nServerLimit 12\nMaxClients 12\nMaxRequestsPerChild 10000\nKeepAlive on\nKeepAliveTimeout 120" | cat - /etc/httpd/conf/httpd.conf > /etc/httpd/conf/temp && mv /etc/httpd/conf/temp /etc/httpd/conf/httpd.conf <<< y
+ cat >> /etc/httpd/conf.d/custom.conf << EOF
+ ServerSignature off
+ ServerTokens Prod
+ ExtendedStatus Off
+ StartServers 10
+ MinSpareServers 1
+ MaxSpareServers 2
+ ServerLimit 12
+ MaxClients 12
+ MaxRequestsPerChild 10000
+ KeepAlive on
+ KeepAliveTimeout 120
+
+ Require all denied
+
+
+ Require all denied
+
+
+ Require all denied
+
+
+ Require all denied
+
+ ExpiresActive On
+ ExpiresDefault A2592000 # (= one month)
+ Header set Cache-Control "max-age=2592000, public"
+
+ Header unset Cache-Control
+ Header unset Expires
+ Header unset Last-Modified
+ FileETag None
+ Header unset Pragma
+
+ EOF
+ setsebool -P httpd_execmem=1
+ setsebool -P httpd_builtin_scripting=1
+ systemctl enable httpd
+
+## Installation
+
+Download the [latest version of ZeroBin](https://github.com/elrido/ZeroBin/releases/latest) and extract it to `/var/www/html/paste`.
+
+Create directories needed by ZeroBin, update permissions and (re)start httpd:
+
+ cd /var/www/html/paste
+ mkdir data
+ mkdir tmp
+ chown apache:apache *
+ semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/html/paste/tmp(/.*)?"
+ semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/html/paste/data(/.*)?"
+ systemctl restart httpd
+
+Update selinux after some time with:
+
+ cd /var/log/audit
+ grep hugetlbfs audit.log | audit2allow -M hugetlbfs
+ semodule -i hugetlbfs.pp
+
+## Nginx/Naxsi
+
+If using nginx with naxsi on your reverse proxy, add these whitelist_rules:
+
+ BasicRule wl:1015 "mz:$URL:/paste/|$BODY_VAR:data";
+ BasicRule wl:1315 "mz:$URL:/paste/|$HEADERS_VAR:cookie";
+ BasicRule wl:1001 "mz:$URL:/paste/|$BODY_VAR:data";
+ BasicRule wl:1009 "mz:$URL:/paste/|$BODY_VAR:data";
+ BasicRule wl:1009 "mz:$URL:/paste/|$BODY_VAR:nickname";
+ BasicRule wl:1001 "mz:$URL:/paste/|$BODY_VAR:nickname";
+ BasicRule wl:1015 "mz:$URL:/paste/|$BODY_VAR:nickname";
\ No newline at end of file