In the digital age, securing your server’s internet traffic is crucial, particularly for services like HTTP and HTTPS, which handle web traffic. FirewallD, a dynamic firewall management tool available on many Linux distributions, plays a vital role in safeguarding your system against unauthorized access. This guide will walk you through the process of enabling HTTP (port 80) and HTTPS (port 443) services in FirewallD, so that your web server is reachable through the firewall.


What is FirewallD?

FirewallD is a firewall service native to many Linux distributions that provides a flexible and configurable way to manage network access to your system. Unlike traditional firewall solutions, FirewallD operates with the concept of zones and services, making it easier to manage firewall rules without restarting the service or disrupting existing connections.

Step 1: Checking FirewallD Status

Before you begin, ensure that FirewallD is installed and running on your system. You can check its status by executing the following command in your terminal:

sudo systemctl status firewalld

If it’s not running, you can start it with:

sudo systemctl start firewalld

Step 2: Allowing HTTP and HTTPS Services

FirewallD simplifies the process of managing firewall settings through predefined services, which are named sets of rules. Here’s how you can allow HTTP and HTTPS services:

  1. Open HTTP Service:

    To allow HTTP traffic, you need to add the HTTP service to your active zone. Typically, the default zone is set to ‘public’, but you can check your active zone by typing:

    firewall-cmd --get-active-zones
    

    Then, add the HTTP service to your active zone with the following command (replace public with your zone's name if it differs):

    sudo firewall-cmd --zone=public --add-service=http
    
  2. Open HTTPS Service:

    Similarly, to allow HTTPS traffic, use the following command:

    sudo firewall-cmd --zone=public --add-service=https
    

Step 3: Making the Changes Permanent

By default, the changes you make apply only to the running configuration and will be lost after a reboot or a FirewallD reload. To make the changes permanent, add the --permanent flag to the commands:

sudo firewall-cmd --permanent --zone=public --add-service=http
sudo firewall-cmd --permanent --zone=public --add-service=https

Step 4: Reloading FirewallD to Apply Changes

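Rules added with --permanent are written to the saved configuration but do not take effect in the running firewall until FirewallD is reloaded. After adding the services, reload FirewallD to apply the changes: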

sudo firewall-cmd --reload

Step 5: Verifying the Configuration

It’s important to confirm that the services have been added correctly. To check the services enabled on your zone, use:

sudo firewall-cmd --zone=public --list-services

You should see `http` and `https` in the list of allowed services.
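
As an added example (not part of the original guide), this script compares the runtime and permanent service lists of a zone, so that a rule added in Step 2 but never made permanent in Step 3, or made permanent but not yet reloaded in Step 4, is flagged. The function names and state labels are made up for this illustration, and the lists in the fallback branch are constructed sample data.

```shell
#!/bin/sh
# Added example: flag drift between runtime and permanent FirewallD rules.

# has_service LIST NAME: succeed only if NAME is a whole word in LIST,
# so that "https" in the list is never mistaken for "http".
has_service() {
    for s in $1; do
        [ "$s" = "$2" ] && return 0
    done
    return 1
}

# service_state RUNTIME_LIST PERMANENT_LIST NAME
# Prints one of: ok | runtime-only | permanent-only | missing
service_state() {
    if has_service "$1" "$3"; then
        if has_service "$2" "$3"; then echo ok; else echo runtime-only; fi
    else
        if has_service "$2" "$3"; then echo permanent-only; else echo missing; fi
    fi
}

# check_zone ZONE: query FirewallD and report on http and https.
# Returns 0 if both are ok, 1 on drift, 2 if firewall-cmd fails.
check_zone() {
    runtime=$(firewall-cmd --zone="$1" --list-services) || return 2
    permanent=$(firewall-cmd --permanent --zone="$1" --list-services) || return 2
    rc=0
    for svc in http https; do
        state=$(service_state "$runtime" "$permanent" "$svc")
        echo "$1: $svc: $state"
        [ "$state" = ok ] || rc=1
    done
    return "$rc"
}

if [ -n "${1:-}" ] && command -v firewall-cmd >/dev/null 2>&1; then
    check_zone "$1"
else
    # Constructed sample lists: https was added at runtime only.
    echo "sample: https is $(service_state "ssh http https" "ssh http" https)"
fi
```

Run it with the zone name as its argument, using the same privileges as the other commands in this guide. A `runtime-only` result means the rule will disappear on the next reload or reboot; `permanent-only` means a reload is still pending.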

Conclusion

By following these steps, you have successfully configured FirewallD to allow HTTP and HTTPS services. With ports 80 and 443 open in the firewall, your web server can accept web traffic; the encryption of HTTPS connections comes from the web server's TLS configuration, not from FirewallD. Regularly updating your firewall rules and staying informed about best practices in network security will further enhance your system’s defenses against potential threats. FirewallD offers a robust platform for managing these rules effectively, helping your Linux server remain secure and functional.


2 Comments

  1. Hello. I’m trying to install Joomla but there are some problems with /var/www/html folder permissions and it asks for an FTP account during the installation process. Is it correct to leave root user permissions, or must it be the apache user for this folder? In any case it does not work on Fedora 34 🙁
    Thanks
