Allow Web Traffic in a Firewalld Software Firewall
This article describes how to configure your firewalld
software firewall to allow web traffic on port 80 (HTTP) and port 443 (HTTPS). firewalld
is the default software firewall for RHEL® 7-based distributions.
Prerequisites
You need to have the following prerequisites:
- Basic understanding of Secure Shell (SSH)
- Sudo or administrative access to your server
- A cloud server with RHEL 7 or CentOS® 7 running
firewalld
These steps are only for non-RackConnected cloud servers. If you are using RackConnect, you can make similar changes on your dedicated firewall.
Log in to your server by using SSH and then complete the steps in the following sections for your preferred setup method.
While
firewalld
is the default software firewall solution for RHEL 7-based distributions, you should note thatfirewalld
acts as a wrapper for iptables and you can disable the firewall. Before proceeding with the following steps, ensure thatfirewalld
is running on your server.
You can verify that firewalld
is running on your server by executing the following command:
systemctl status firewalld
One-line command method
Use the following one-line command to open the open the firewall ports:
sudo sh -c "firewall-cmd --permanent --zone=public --add-service=http && firewall-cmd --permanent --zone=public --add-service=https && firewall-cmd --reload"
Individual commands method
If you prefer to configure the software firewall by using discrete steps instead of by using the one-line command, perform the following steps:
-
Run the following command to allow traffic on port 80:
sudo firewall-cmd --permanent --zone=public --add-service=http
-
Run the following command to allow traffic on port 443:
sudo firewall-cmd --permanent --zone=public --add-service=https
-
Run the following command to save the
firewalld
rules:sudo firewall-cmd --reload
After you complete the preceding steps, you have configured your server to allow HTTP and HTTPS web traffic through your firewalld
software firewall. If you configured your website to accept traffic on ports 80 and 443, you should be able to visit both the HTTP and HTTPS versions of your website.
Updated about 1 year ago