Open or close server ports
Check firewall status
To check if the firewall service (firewalld) is installed and enabled, execute the following command:
$ sudo systemctl status firewalld.service
If the firewall service is not enabled, follow the instructions below to enable it.
Enable the firewall
If the firewall service is not enabled, enable the service by executing the following command:
$ sudo systemctl enable firewalld.service
Start the firewall as below:
$ sudo systemctl start firewalld.service
Open server ports for remote access
NOTE: Make sure that the firewall is enabled and running. If it is not enabled, all ports are open by default.
If you need to access your server remotely using a specific port, you must first open the port. To do so, follow the instructions below:
- Log in to the server console.
Execute the following command for each port that you wish to open. Remember to replace the PORT placeholder with the corresponding port number.
$ sudo firewall-cmd --zone=public --permanent --add-port=PORT/tcp
Reload the firewall to make the changes take effect:
$ sudo firewall-cmd --reload
Close server ports and deny access
NOTE: Make sure that the firewall is enabled and running. If it is not enabled, all ports are open by default.
To close ports for remote access, follow these steps:
- Log in to the server console.
Execute the following command for each port that you wish to close. Remember to replace the PORT placeholder with the corresponding port number.
$ sudo firewall-cmd --zone=public --permanent --remove-port=PORT/tcp
Reload the firewall to make the changes take effect:
$ sudo firewall-cmd --reload