This article explains how to open HTTP port 80 and HTTPS port 443 on RHEL 8 / CentOS 8 system with the
firewalld firewall. HTTP and HTTPS protocols are primarily used by web services such as, but not limited to, Apache or Nginx web serves.
For more information about the
firewalld firewall visit our introduction guide to firewalld syntax and usage guide.
In this tutorial you will learn:
- How to open HTTP port 80 and HTTPS port 443.
- How to open HTTP port 80 and HTTPS port 443 permanently.
- How to list currently open ports/services.
- How to close/remove HTTP port 80 and HTTPS port 443.
Software Requirements and Conventions Used
|Category||Requirements, Conventions or Software Version Used|
|System||RHEL 8 / CentOS 8|
|Software||firewall-cmd 0.6.3 or higher|
|Other||Privileged access to your Linux system as root or via the
# – requires given linux commands to be executed with root privileges either directly as a root user or by use of
$ – requires given linux commands to be executed as a regular non-privileged user
RHEL 8 / CentOS 8 open HTTP port 80 and HTTPS port 443 step by step instructions
- Check the status of your firewall.
# firewall-cmd --state running
Retrieve your currently active zones. Take a note of the zone within which you wish to open ports 80 and 443:
# firewall-cmd --get-active-zones libvirt interfaces: virbr0 public interfaces: enp0s3
- Open port 80 and port 443 port.
The port 80 and port 443 ports are listed with Firewalld as
httpsservices. To temporarily open both ports execute:
# firewall-cmd --zone=public --add-service=http # firewall-cmd --zone=public --add-service=https
Note, the above
firewaldcommands will open HTTP and HTTPS port only temporarily.
- Open port 80 and port 443 port permanently. Execute the below commands to open both ports permanently, hence, make the settings persistent after reboot:
# firewall-cmd --zone=public --permanent --add-service=http # firewall-cmd --zone=public --permanent --add-service=https # firewall-cmd --reload
- Check for open ports/services. The services with permanently open ports are listed on line starting with
# firewall-cmd --list-all public (active) target: default icmp-block-inversion: no interfaces: enp0s3 sources: services: cockpit dhcpv6-client http https ssh ports: protocols: masquerade: no forward-ports: source-ports: icmp-blocks: rich rules:
- In case you need to close the previously open HTTP port 80 and HTTPS port 443 execute:
# firewall-cmd --zone=public --permanent --remove-service=http # firewall-cmd --zone=public --permanent --remove-service=https # firewall-cmd --reload