diff --git a/bin/hardening/1.4_set_no_allow_insecure_repository_by_apt.sh b/bin/hardening/1.4_set_no_allow_insecure_repository_by_apt.sh
index 32a4469..b95f7ac 100755
--- a/bin/hardening/1.4_set_no_allow_insecure_repository_by_apt.sh
+++ b/bin/hardening/1.4_set_no_allow_insecure_repository_by_apt.sh
@@ -1,7 +1,7 @@
 #!/bin/bash
 
 #
-# harbian audit Debian 9 Hardening
+# harbian audit Debian 9/CentOS Hardening
 #
 
 #
@@ -15,8 +15,10 @@ set -u # One variable unset, it's over
 HARDENING_LEVEL=2
 OPTION='AllowInsecureRepositories'
 
-# This function will be called if the script status is on enabled / audit mode
-audit () {
+YUM_OPTION='repo_gpgcheck'
+YUM_CONFFILE='/etc/yum.conf'
+
+audit_debian () {
     if [ $(grep -v "^#" /etc/apt/ -r | grep -c "${OPTION}.*true") -gt 0 ]; then
         crit "The allow insecure repository when by apt update is enable"
         FNRET=1
@@ -26,8 +28,35 @@ audit () {
     fi
 }
 
-# This function will be called if the script status is on enabled mode
-apply () {
+audit_redhat ()
+{
+    if [ $(grep -c "^$YUM_OPTION" $YUM_CONFFILE) -gt 0 ]; then
+		if [ $(grep "^$YUM_OPTION" $YUM_CONFFILE | awk -F"=" '{print $2}') -eq 1 ]; then
+			ok "The allow insecure repository when by yum update is disable"
+			FNRET=0
+        else
+            crit "The signature of repodata option is disable "
+            FNRET=1
+        fi
+    else
+        crit "Option $YUM_OPTION is not set in $YUM_CONFFILE!"
+        FNRET=2
+    fi
+}
+
+# This function will be called if the script status is on enabled / audit mode
+audit () {
+	if [ $OS_RELEASE -eq 1 ]; then
+        audit_debian
+    elif [ $OS_RELEASE -eq 2 ]; then
+        audit_redhat
+    else
+        crit "Current OS is not support!"
+        FNRET=44
+    fi
+}
+
+apply_debian () {
     if [ $FNRET = 0 ]; then 
         ok "The allow insecure repository when by apt update is disable"
     else
@@ -39,6 +68,28 @@ apply () {
     fi
 }
 
+apply_redhat () {
+	if [ $FNRET = 0 ]; then
+		ok "The signature of repodata option is enable "
+    elif [ $FNRET = 1 ]; then
+        warn "Set to enabled signature of repodata option"
+        sed -i "s/$YUM_OPTION=.*/$YUM_OPTION=1/g" $YUM_CONFFILE
+    else
+        warn "Add $YUM_OPTION option to $YUM_CONFFILE"
+        add_end_of_file $YUM_CONFFILE "$YUM_OPTION=1"
+    fi
+}
+
+# This function will be called if the script status is on enabled mode
+apply () {
+	if [ $OS_RELEASE -eq 1 ]; then
+        apply_debian
+    elif [ $OS_RELEASE -eq 2 ]; then
+        apply_redhat
+    else
+        crit "Current OS is not support!"
+    fi
+}
 # This function will check config parameters required
 check_config() {
     # No parameters for this function