Keeping your services and host itself secure is crucial. Nowadays, there are a lot of attacks that can harm your host server, like brute force attacks, dictionary SSH attacks, SQL injections, etc. So, if you manage to keep your server safe and secure by installing a firewall and setup secure rules, things will get complicated for the attackers. Today I’m going to show you how to install Firewalld on Rocky Linux 8 and set up some basic rules.
Prerequisites
- Rocky Linux 8
- sudo privileges
Install Firewalld on Rocky Linux 8
Step 1. Update system packages with:
sudo dnf update
Step 2. Install Firewalld.
sudo dnf install firewalld
Step 3. Turn the Firewalld service on.
systemctl start firewalld
Note(s): SSH connections are allowed by default in Firewalld.
Step 4. To check the status, run:
systemctl status firewalld
Step 5. List the services that are allowed.
firewall-cmd --permanent --list-all
Output:
public (active)
target: default
icmp-block-inversion: no
interfaces: eth0 eth1
sources:
services: cockpit dhcpv6-client ssh
ports:
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
Enable HTTP and HTTPS on Firewalld
To enable HTTP and HTTPS, run:
firewall-cmd --permanent --zone=public --add-service=http
firewall-cmd --permanent --zone=public --add-service=https
firewall-cmd --reload
Now, list again the allowed services.
firewall-cmd --permanent --zone=public --list-services
Output:
public (active)
target: default
icmp-block-inversion: no
interfaces: eth0 eth1
sources:
services: cockpit dhcpv6-client http https ssh
ports:
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
Conclusion
Here I showed you some basic Firewalld rules, but anyway if you need some specific services or rules to be enabled or disabled please put a comment below. Feel free to leave a comment below and if you find this tutorial useful, follow our official channel on Telegram.