How to open ports in firewalld
In this guide, you’ll learn how to open a port in firewalld, either by specifying a port number or enabling a premade service. Then you’ll be able to to verify which ports and services are currently active, ensuring your configuration is correct.
Opening a port in firewalld is a common first step after installation as it crucial in securing your VPS and any applications you run, helping to prevent unauthorised access. If you prefer you can learn how to use UFW or uncomplicated firewall instead.
Open a Port in Firewalld
Access Your Server via SSH
Begin by logging into your Linux server using SSH with sufficient privileges:
user@your-server-ipCheck If the Port Has a Named Service
Before adding a port manually, it’s best to see if firewalld already recognises the port as a named service. This makes configuration more readable and easier to manage:
firewall-cmd --get-servicesLook for a service name that corresponds to your application.
Open a service permanently
Enable it using this command:
sudo firewall-cmd --permanent --add-service=SERVICE
Replace service with the appropriate name for example: httpd, mysql.
Open a port permanently
Manually open the port by specifying the port number and protocol:
sudo firewall-cmd --permanent --add-port=3080/tcpReplace 3080 and tcp with the port you need opened and the protocol its on.
Reload firewalld to apply changes
To make your changes active, reload the Firewalld configuration:
sudo firewall-cmd --reloadThis applies all permanent changes and resets any temporary runtime rules.
Check those ports are opened
After updating your firewall, it’s essential to confirm the correct services and ports are enabled.
List Active Services
sudo firewall-cmd --list-servicesList Open Ports
sudo firewall-cmd --list-ports