Introduction:
A firewall is a crucial component of server security, acting as a barrier between your server and potential threats. In this guide, we will walk you through the process of installing and configuring a firewall on a CentOS 8 server. We will use firewalld, CentOS’s default firewall management tool, to set up rules and enhance your server’s security.
Prerequisites:
- A CentOS 8 server with root or sudo access.
- A terminal or SSH client to connect to your server.
Step 1: Update Your System:
Before installing a firewall, ensure your server is up to date:
sudo dnf update
Step 2: Install firewalld:
You can install firewalld with the following command:
sudo dnf install firewalld
Step 3: Start and Enable firewalld:
To start the firewalld service and enable it to start on boot, run:
sudo systemctl start firewalld
sudo systemctl enable firewalld
Step 4: Configure Basic Firewall Rules:
By default, firewalld includes several predefined zones, such as “public,” “trusted,” and “block.” You can list the available zones:
sudo firewall-cmd --get-zones
Choose the appropriate zone for your network, and set it as the default zone:
sudo firewall-cmd --set-default-zone=your-chosen-zone
Step 5: Allow Essential Services:
To allow essential services like SSH, HTTP, and HTTPS, you can use predefined services:
sudo firewall-cmd --permanent --add-service=ssh
sudo firewall-cmd --permanent --add-service=http
sudo firewall-cmd --permanent --add-service=https
Remember to reload the firewall for the changes to take effect:
sudo firewall-cmd --reload
Step 6: Opening Custom Ports:
If you are running services on custom ports, you can open them with:
sudo firewall-cmd --permanent --add-port=your-port/tcp
Remember to reload the firewall once more.
Step 7: Checking Configuration:
To verify your firewall configuration, run:
sudo firewall-cmd --list-all
This command will display a list of allowed services, ports, and zones.
Step 8: Testing the Firewall:
After configuring the firewall, it’s essential to test it to ensure your services are still accessible.
Conclusion:
Configuring a firewall on your CentOS 8 server is a crucial step in securing your system. Firewalld simplifies this process by providing an easy-to-use interface for managing firewall rules. By allowing only necessary services and ports, you can enhance the security of your server and protect it from potential threats.