Harden CentOS 9 with FirewallD

Hardening CentOS 9 with FirewallD

Secure your CentOS 9 server by implementing FirewallD. This guide covers essential security measures to protect your VPS.

Why Security Matters

FirewallD is the default firewall management tool for RHEL-based systems, providing dynamic firewall management with D-Bus interface.

Step 1: Install FirewallD

sudo dnf install firewalld -y

Step 2: Configure Firewall Rules

Set up basic firewall rules:

sudo firewall-cmd --permanent --add-service=ssh
sudo firewall-cmd --permanent --add-service=http
sudo firewall-cmd --permanent --add-service=https
sudo firewall-cmd --reload

Step 3: Enable FirewallD

sudo systemctl start firewalld
sudo systemctl enable firewalld

Step 4: Verify Configuration

sudo firewall-cmd --state
sudo firewall-cmd --list-all

Additional Security Tips

• Use zones to organize firewall rules by trust level
• Always use --permanent flag to persist rules across reboots
• Test rules before making them permanent

Conclusion

Your CentOS server is now protected with FirewallD. Regular security audits are recommended.