How to Open a Port in Firewalld

by InMotion Hosting Contributor

1 Minutes, 27 Seconds to Read

After you install Firewalld, the first thing you’ll likely want to do is open a port to connect with web applications on your Linux server. Only dhcp6-client and SSH are enabled by default. However, opening ports with Firewalld is an easy process. The first reason for this is the commands are straight-forward and easy to remember.

The second reason is that Firewalld allows you to manage well-known ports as predefined “services” for a more human-readable configuration. For example, instead of using 443/tcp, you can simply use the https service. Since services are easier to read than numbers and protocols, it’s best to check if a port is listed as a service before using the port option.

Below we cover how to open a port in Firewalld and check open ports.

Upgrade to VPS Hosting for Peak Performance

Upgrade to InMotion VPS Hosting today for top-notch performance, security, and flexibility, and save up to $2,412 – a faster, stronger hosting solution is just a click away!

check markSSD Storage check markHigh-Availability check markIronclad Security check markPremium Support

VPS Hosting

Open a Port in Firewalld

  1. Log into SSH
  2. Check if the application port is defined as a service (e.g. IMAPS, Kerberos, MySQL): 
    firewall-cmd -get-services
  3. If the service is listed, whitelist the service permanently in the current zone: 
    sudo firewall-cmd --permanent --add-service=SERVICE

    If not, open the port permanently by specifying the port number and protocol (TCP or UDP): 
    sudo firewall-cmd --permanent --add-port=1234/tcp
  4. Reload Firewalld to apply changes:
    firewall-cmd --reload

    Reloading will remove –-runtime changes to apply the –permanent configuration.

Check Open Ports in Firewalld

After you whitelist ports and services, you should ensure your changes are accurate.

  1. List whitelisted services in Firewalld:
    sudo firewall-cmd --list-services
  2. List currently open ports in Firewalld:
    sudo firewall-cmd --list-ports

We recommend Certbot for creating and maintaining free Let’s Encrypt SSL certificates on non-cPanel cloud servers.

For more in-depth security configurations, check out our article covering Firewalld commands. To learn more about VPS security, check out these 24 ways to harden your Linux server.

InMotion Hosting Contributor
InMotion Hosting Contributor Content Writer

InMotion Hosting contributors are highly knowledgeable individuals who create relevant content on new trends and troubleshooting techniques to help you achieve your online goals!

More Articles by InMotion Hosting
Related Articles
How to Reset Your WordPress Admin Password
How to Change Your cPanel Password
How to reset my OpenCart Admin Password
Change WordPress Admin Username for Security
Thunderbird Solution- Configuration Could Not Be Verified
Website Security – Preventative Measures
What is my Username and Password (I forgot)?
How to Change Your PrestaShop Admin Password by Database
Increase in Joomla Brute Force Attacks
How to pass PCI compliance scans

Was this article helpful? Join the conversation!

Need More Help?

Current Customers

Chat: Chat with Sales
Call: 757-416-6575 x2
Ticket: Submit a Support Ticket

Get Reliable Web Hosting

Chat: Chat with Sales
Email: [email protected]
Call: 757-416-6575 x1

Get web hosting that grows with your business. Our all-in-one hosting platform gives you everything your website needs to scale - so you can focus on the next big thing for you and your business.