Tšireletso

CentOS/Rocky Linux Firewall Setup

Configure FirewallD on CentOS or Rocky Linux to protect your server with zone-based firewall rules and service management.

March 11, 2026 301 maikutlo

Hardening CentOS/Rocky Linux 9 with FirewallD

Secure your CentOS/Rocky Linux 9 server by implementing FirewallD. This guide covers essential security measures to protect your VPS.

Why Security Matters

FirewallD is the default firewall solution for RHEL-based distributions like CentOS and Rocky Linux. It provides dynamic zone-based firewall management without requiring service restarts when rules change.

Step 1: Install FirewallD

sudo dnf install firewalld -y
sudo systemctl start firewalld
sudo systemctl enable firewalld

Step 2: Configure Firewall Rules

Set up basic firewall rules:

# Set default zone to public
sudo firewall-cmd --set-default-zone=public

# Allow essential services
sudo firewall-cmd --zone=public --permanent --add-service=ssh
sudo firewall-cmd --zone=public --permanent --add-service=http
sudo firewall-cmd --zone=public --permanent --add-service=https

# Allow custom port (e.g., application on port 8080)
sudo firewall-cmd --zone=public --permanent --add-port=8080/tcp

# Remove unnecessary services
sudo firewall-cmd --zone=public --permanent --remove-service=cockpit

# Reload to apply changes
sudo firewall-cmd --reload

Step 3: Enable FirewallD

sudo systemctl enable firewalld
sudo systemctl restart firewalld

Step 4: Verify Configuration

sudo firewall-cmd --state
sudo firewall-cmd --list-all
sudo firewall-cmd --list-services
sudo firewall-cmd --list-ports

Additional Security Tips

  • Use firewall-cmd --get-zones to see all available zones and organize rules by trust level
  • Always use --permanent flag followed by --reload to persist rules across reboots
  • Use rich rules for advanced filtering: firewall-cmd --add-rich-rule to restrict access by source IP

Conclusion

Your CentOS/Rocky Linux server is now protected with FirewallD. Regular security audits are recommended.

Lekanya Sengoloa sena

-
Loading...

Lihlooho tse Amanang

Debian Security Hardening

Harden your Debian server with essential security configurations including firewall, SSH hardening, and intrusion detection.

Harden CentOS 9 with FirewallD

Secure your CentOS 9 server with FirewallD configuration and best practices.

Sireletsa Ubuntu 22.04 ka UFW Firewall

Harden your Ubuntu 22.04 server security by configuring UFW (Uncomplicated Firewall).

Batla Litokomane
Tšireletso

Sheba lingoloa tsohle
Launch Your VPS
From $2.50/mo