AlmaLinux / Rocky Linux 8 open HTTP/HTTPS port 80/443 with firewalld

This tutorial will guide you with commands that we can use to open or close popular web server ports that are HTTP port 80 and its secure version that is HTTPS port 443 on AlmaLinux 8 or Rocky Linux.

FirewallD comes as the default firewall application in these Linux, however, if you don’t have it, you can use the below commands-

sudo dnf install firewalld
sudo systemctl start firewalld
sudo systemctl enable firewalld
sudo systemctl status firewalld

What do we learn here in this tutorial:

  • How to open HTTP port 80 and HTTPS port 443 permanently
  • Command to open or close any server and port in AlmaLinux


Commands to open or close HTTP port 80 & HTTPS 443 on AlmaLinux/ Rocky 8

Step 1: Check the Active AlmaLinux port list: Before opening any port, let’s check what are ports & services are already allows to communicate outside the public network in our firewall. For that use:

sudo firewall-cmd --list-all


netstat -na | grep port-number

Replace port-number with the one you want to find out. If it is not active then you perhaps not get any result in return.

Step 2: Command to Open port 80 and port 443 port: As we know firewall comes with some default pre-configured services and http & https are in them. Thus, we can either use the service command or port command of the firewalld to allow them in the Public zone:

sudo firewall-cmd --zone=public --permanent --add-service=http
sudo firewall-cmd --zone=public --permanent --add-service=https

However, if your Apache web server’s application is running on some other port apart from 80 & 443, we can open that as well. Let’s say your web application is on some custom port 5000. Thus, to open it we use-

sudo firewall-cmd --zone=public --permanent --add-port 5000/tcp

Just replace 5000 with whatever port number you want to open.

Step 3: Reload Firewalld service- To ensure that open service or port successfully recognized by the firewalld, reload its service using the command-

sudo firewall-cmd --reload


(optional) Close or block port 80 and 443 – In case after some time, you want to block or close the HTTP and HTTPS services or any other port then you can do that as well, manually, using the below-given syntax:

sudo firewall-cmd --zone=public --permanent --remove-service=http
sudo firewall-cmd --zone=public --permanent --remove-service=https

For some particular port number

sudo firewall-cmd --zone=public --permanent --remove-port 5000/tcp

Reload firewall-

firewall-cmd --reload



Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.