Open or close server ports

When you create a new server from Bitnami VSI images for IBM Cloud, you can specify the ports to open.

Follow the steps below to modify the opened ports after the server is created:

Navigate to the “Security groups for VPC” page in your IBM Cloud account and select the security group associated with your instance.
Click the “Rules” tab to add, edit or delete firewall rules.

To check if the firewall service (firewalld) is installed and enabled, execute the following command:

$ sudo systemctl status firewalld.service

If the firewall service is not enabled, follow the instructions below to enable it.

If the firewall service is not enabled, enable the service by executing the following command:

$ sudo systemctl enable firewalld.service

Start the firewall as below:

$ sudo systemctl start firewalld.service

NOTE: Make sure that the firewall is enabled and running. If it is not enabled, all ports are open by default.

If you need to access your server remotely using a specific port, you must first open the port. To do so, follow the instructions below:

Log in to the server console.
Execute the following command for each port that you wish to open. Remember to replace the PORT placeholder with the corresponding port number.
```
  $ sudo firewall-cmd --zone=public --permanent --add-port=PORT/tcp
```
Reload the firewall to make the changes take effect:
```
  $ sudo firewall-cmd --reload
```

NOTE: Make sure that the firewall is enabled and running. If it is not enabled, all ports are open by default.

To close ports for remote access, follow these steps:

Log in to the server console.
Execute the following command for each port that you wish to close. Remember to replace the PORT placeholder with the corresponding port number.
```
  $ sudo firewall-cmd --zone=public --permanent --remove-port=PORT/tcp
```
Reload the firewall to make the changes take effect:
```
  $ sudo firewall-cmd --reload
```