A firewall is a fundamental tool for enhancing the security of your CentOS 8 server. It helps control incoming and outgoing network traffic, safeguarding your server from unauthorized access and potential threats. This guide will walk you through the process of installing and configuring a firewall on your CentOS 8 server.
Step 1: Choose a Firewall Solution
CentOS 8 offers various firewall management tools, with firewalld and iptables being common choices. For simplicity, we’ll focus on firewalld.
Step 2: Install firewalld
- Update your package repositories:
sudo dnf update
- Install firewalld:
sudo dnf install firewalld
Step 3: Enable and Start firewalld
- Enable firewalld to start at boot:
sudo systemctl enable firewalld
- Start the firewalld service:
sudo systemctl start firewalld
Step 4: Basic Firewall Configuration
- Check the default zone:
sudo firewall-cmd --get-default-zone
- List available zones:
sudo firewall-cmd --get-zones
- Set the default zone (for example, public):
sudo firewall-cmd --set-default-zone=public
Step 5: Allow Services
- List available services:
sudo firewall-cmd --get-services
- Allow specific services (e.g., HTTP, HTTPS and SSH):
sudo firewall-cmd --zone=public --add-service=http --permanent
sudo firewall-cmd --zone=public --add-service=https --permanent
sudo firewall-cmd --zone=public --add-service=ssh --permanent
- Reload the firewall to apply the permanent changes to the running configuration:
sudo firewall-cmd --reload
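An added example (not part of the original guide): a POSIX shell check that compares a zone's runtime and permanent service lists against the allowlist from Step 5, so that --permanent changes that were never reloaded, and services that are open without being intended, show up as findings. The function names and the sample service lists are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit a firewalld zone against an intended service allowlist.

# Print the words of list $1 that are absent from list $2 (space-separated).
not_in() {
    out=""
    for item in $1; do
        case " $2 " in
            *" $item "*) ;;                      # present in both lists
            *) out="${out:+$out }$item" ;;       # only in the first list
        esac
    done
    printf '%s' "$out"
}

# audit_zone WANTED RUNTIME PERMANENT
# Prints one finding per line; prints nothing when the zone matches.
audit_zone() {
    wanted=$1 runtime=$2 permanent=$3
    extra=$(not_in "$runtime" "$wanted")
    missing=$(not_in "$wanted" "$runtime")
    pending=$(not_in "$permanent" "$runtime")
    volatile=$(not_in "$runtime" "$permanent")
    [ -z "$extra" ]    || echo "EXTRA (open now, not on allowlist): $extra"
    [ -z "$missing" ]  || echo "MISSING (on allowlist, not open now): $missing"
    [ -z "$pending" ]  || echo "PENDING (permanent only, needs --reload): $pending"
    [ -z "$volatile" ] || echo "VOLATILE (runtime only, lost on reload): $volatile"
}

WANTED="http https ssh"   # the services allowed in Step 5

if [ "${1:-}" = "--live" ]; then
    # Run as root on the server: query the real runtime and permanent sets.
    zone=${2:-public}
    audit_zone "$WANTED" \
        "$(firewall-cmd --zone="$zone" --list-services)" \
        "$(firewall-cmd --permanent --zone="$zone" --list-services)"
else
    # Constructed sample: http/https were added with --permanent, no reload yet.
    audit_zone "$WANTED" \
        "cockpit dhcpv6-client ssh" \
        "cockpit dhcpv6-client ssh http https"
fi
```

Run it with --live (and optionally a zone name) on the server after Step 5; no output means the running rules match both the saved configuration and the allowlist.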
Using iptables (Optional)
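If you prefer working with iptables, you can install it. Run only one of the two services at a time: stop and disable firewalld before enabling iptables, because the two conflict when both are active.
- Install the iptables-services package: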
sudo dnf install iptables-services
- Enable and start the iptables service:
sudo systemctl enable iptables
sudo systemctl start iptables
Testing Your Firewall
- Test SSH access:
ssh your_username@your_server_ip
- Test web access: Open a web browser and enter your server’s IP address or domain.
Conclusion
Implementing a firewall on your CentOS 8 server is an essential step in maintaining its security. firewalld offers a user-friendly way to manage your firewall rules, while iptables provides more advanced control. Regularly review and adjust your firewall rules to ensure that your server remains protected against potential threats and unauthorized access.