🔥Setup the Firewall

In order to protect your server against common attacks, it is recommended that you setup a firewall. The following instructions assume that you have installed firewalld.

$ vi /etc/firewalld/zones/public.xml

Insert the following lines between the <zone> and </zone> tags:

  <port protocol="tcp" port="10000"/>
  <port protocol="tcp" port="80"/>
  <port protocol="tcp" port="8080"/>
  <port protocol="tcp" port="25"/>
  <port protocol="tcp" port="465"/>
  <port protocol="tcp" port="443"/>
  <forward-port to-port="8080" protocol="tcp" port="80"/>
  <forward-port to-port="8443" protocol="tcp" port="443"/>

Save and exit with :x

$ vi /etc/firewalld/direct.xml

This file should contain the following:

<?xml version="1.0" encoding="utf-8"?>
<direct>
  <rule priority="0" table="filter" ipv="ipv4" chain="OUTPUT">-p tcp -m tcp --dport=25 -j ACCEPT</rule>
  <rule priority="0" table="filter" ipv="ipv4" chain="OUTPUT">-p tcp -m tcp --dport=23 -j ACCEPT</rule>
  <rule priority="0" table="filter" ipv="ipv4" chain="OUTPUT">-p tcp -m tcp --dport=80 -j ACCEPT</rule>
  <rule priority="0" table="nat" ipv="ipv4" chain="OUTPUT">-p tcp -o lo --dport 80 -j REDIRECT --to-ports 8080</rule>
</direct>

Save and exit with :x

After completing the above edits, reload the firewall configuration:

$ firewall-cmd --reload

Last updated