This tutorial will guide you with commands that we can use to open or close popular web server ports that are HTTP port 80 and its secure version that is HTTPS port 443 on AlmaLinux 8 or Rocky Linux.
FirewallD comes as the default firewall application in these Linux, however, if you don’t have it, you can use the below commands-
sudo dnf install firewalld sudo systemctl start firewalld sudo systemctl enable firewalld
sudo systemctl status firewalld
What do we learn here in this tutorial:
- How to open HTTP port 80 and HTTPS port 443 permanently
- Command to open or close any server and port in AlmaLinux
Commands to open or close HTTP port 80 & HTTPS 443 on AlmaLinux/ Rocky 8
Step 1: Check the Active AlmaLinux port list: Before opening any port, let’s check what are ports & services are already allows to communicate outside the public network in our firewall. For that use:
sudo firewall-cmd --list-all
or
netstat -na | grep port-number
Replace port-number with the one you want to find out. If it is not active then you perhaps not get any result in return.
Step 2: Command to Open port 80 and port 443 port: As we know firewall comes with some default pre-configured services and http & https are in them. Thus, we can either use the service command or port command of the firewalld to allow them in the Public zone:
sudo firewall-cmd --zone=public --permanent --add-service=http sudo firewall-cmd --zone=public --permanent --add-service=https
However, if your Apache web server’s application is running on some other port apart from 80 & 443, we can open that as well. Let’s say your web application is on some custom port 5000. Thus, to open it we use-
sudo firewall-cmd --zone=public --permanent --add-port 5000/tcp
Just replace 5000 with whatever port number you want to open.
Step 3: Reload Firewalld service- To ensure that open service or port successfully recognized by the firewalld, reload its service using the command-
sudo firewall-cmd --reload
(optional) Close or block port 80 and 443 – In case after some time, you want to block or close the HTTP and HTTPS services or any other port then you can do that as well, manually, using the below-given syntax:
sudo firewall-cmd --zone=public --permanent --remove-service=http sudo firewall-cmd --zone=public --permanent --remove-service=https
For some particular port number
sudo firewall-cmd --zone=public --permanent --remove-port 5000/tcp
Reload firewall-
firewall-cmd --reload
