Controlling which traffic reaches your server is crucial, particularly for services like HTTP and HTTPS, which handle web traffic. FirewallD, a dynamic firewall management tool available on many Linux distributions, plays a vital role in safeguarding your system against unauthorized access. This guide walks you through enabling the HTTP (port 80) and HTTPS (port 443) services in FirewallD so that your web server is reachable while the rest of the firewall policy stays in place.
What is FirewallD?
FirewallD is a firewall service native to many Linux distributions that provides a flexible and configurable way to manage network access to your system. Unlike traditional firewall solutions, FirewallD operates with the concept of zones and services, making it easier to manage firewall rules without restarting the service or disrupting existing connections.
Step 1: Checking FirewallD Status
Before you begin, ensure that FirewallD is installed and running on your system. You can check its status by executing the following command in your terminal:
sudo systemctl status firewalld
If it’s not running, you can start it with:
sudo systemctl start firewalld
Step 2: Allowing HTTP and HTTPS Services
FirewallD simplifies the process of managing firewall settings through predefined services, which are named sets of rules. Here’s how you can allow HTTP and HTTPS services:
- Open HTTP Service:
To allow HTTP traffic, you need to add the HTTP service to your active zone. Typically, the default zone is set to ‘public’, but you can check your active zone by typing:
firewall-cmd --get-active-zones
Then, add the HTTP service to your active zone with the following command:
sudo firewall-cmd --zone=public --add-service=http
- Open HTTPS Service:
Similarly, to allow HTTPS traffic, use the following command:
sudo firewall-cmd --zone=public --add-service=https
Step 3: Making the Changes Permanent
By default, the changes you make apply only to the runtime configuration and will be lost after a reboot or a FirewallD reload. To make the changes permanent, add the --permanent flag to the commands:
sudo firewall-cmd --permanent --zone=public --add-service=http
sudo firewall-cmd --permanent --zone=public --add-service=https
Step 4: Reloading FirewallD to Apply Changes
After adding the services, you need to reload FirewallD to apply the changes:
sudo firewall-cmd --reload
Step 5: Verifying the Configuration
It’s important to confirm that the services have been added correctly. To check the services enabled on your zone, use:
sudo firewall-cmd --zone=public --list-services
You should see `http` and `https` in the list of allowed services.
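The check in Step 5 reads only the runtime configuration. The script below is an added example (not part of the original guide) that compares the runtime and permanent service lists for a zone and confirms `http` and `https` are in both; the function names `service_drift` and `check_zone` and the file name are made up for this example.

```shell
#!/bin/sh
# Added example: compare runtime and permanent FirewallD service lists.
# service_drift and check_zone are names made up for this example.
# Usage: sh check-fw.sh public   (the file name is also made up)

# service_drift RUNTIME_LIST PERMANENT_LIST
# Prints one line per service present in only one list.
# Returns 0 if the lists hold the same services, 1 otherwise.
service_drift() {
    runtime=$1
    permanent=$2
    status=0
    for svc in $runtime; do
        case " $permanent " in
            *" $svc "*) ;;
            *) echo "runtime-only: $svc (lost on reload or reboot)"; status=1 ;;
        esac
    done
    for svc in $permanent; do
        case " $runtime " in
            *" $svc "*) ;;
            *) echo "permanent-only: $svc (not active until --reload)"; status=1 ;;
        esac
    done
    return "$status"
}

# check_zone ZONE: query FirewallD and require http and https in both configs.
check_zone() {
    zone=$1
    live=$(firewall-cmd --zone="$zone" --list-services) || return 2
    saved=$(firewall-cmd --permanent --zone="$zone" --list-services) || return 2
    service_drift "$live" "$saved" || return 1
    for want in http https; do
        case " $live " in
            *" $want "*) ;;
            *) echo "missing in zone $zone: $want"; return 1 ;;
        esac
    done
    echo "zone $zone: http and https allowed, runtime matches permanent"
}

# Only touch the real firewall when a zone name is given on the command line.
if [ "$#" -gt 0 ]; then
    check_zone "$1"
fi
```

Run it with sudo and the zone name as the only argument; a non-zero exit status means the two configurations differ or one of the two services is missing.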
Conclusion
By following these steps, you have successfully configured FirewallD to allow HTTP and HTTPS services. This configuration lets your web server receive HTTP and HTTPS traffic while FirewallD keeps filtering everything else in the zone. Regularly updating your firewall rules and staying informed about best practices in network security will further enhance your system’s defenses against potential threats. FirewallD offers a robust platform for managing these rules effectively, ensuring your Linux server remains secure and functional.
2 Comments
Hello. I’m trying to install Joomla, but there are some problems with /var/www/html folder permissions and it asks for an FTP account during the installation process. Is it correct to leave root user permissions, or must it be the apache user for this folder? In any case it does not work on Fedora 34 🙁
Thanks
Wrong post, sorry, too many tabs open in my browser. 😉