In this article, I will show you how to open port 80 and block all the other ports on CentOS 7 with firewalld. Let’s get started.
Installing a Web Server
In this section, I will show you how to install a web server on CentOS 7. I included this section so that you can get hands-on experience with what I am describing.
The most widely used web server software is Apache. Apache is available on the official package repository of CentOS 7.
To install Apache web server, run the following command:
Press ‘y’ and then press <Enter> to continue.
Apache web server should be installed.
Now run the following command to check whether Apache HTTP server is running or not:
As you can see from the screenshot below, the Apache HTTP server is not running.
You can start Apache HTTP server with the following command:
You will want the Apache HTTP server to start automatically on system boot. You can add Apache HTTP server to the startup with the following command:
Apache HTTP server is added to the startup.
Now open up a web browser and go to http://localhost
You should see the following page as shown in the screenshot below.
Checking for Open Ports with nmap
First check the IP address of your CentOS 7 server with the following command:
As you can see from the screenshot below, the IP address of my CentOS 7 server is 192.168.10.97
You can check for all the open ports with the nmap utility from another computer as follows:
As you can see, right now only port 22 is open. What we are interested in is opening only port 80 and closing the others.
Opening Port 80 and Closing Others
First check all the allowed services with the following command:
As you can see, I have the dhcpv6-client and ssh services allowed from outside. You may have more or fewer services allowed.
Now you have to disable them one by one.
You can remove the ssh service with the following command:
You can remove the dhcpv6-client service with the following command:
Now add the HTTP service (port 80) with the following command:
Once you’re done, restart firewalld with the following command:
Now if you check the firewalld services again:
You should see only http service allowed as marked in the screenshot below.
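The steps above collected into one script, added here as an example and not part of the original article: it takes the text printed by `firewall-cmd --list-services` and `firewall-cmd --list-ports` and prints the commands that leave only http allowed. The function names, `KEEP` and the `APPLY` switch are this example's own, and it assumes the permanent configuration is edited and then loaded with `--reload`; because ssh is removed, new SSH connections are refused once the rules load, so apply it from the local console.

```shell
#!/bin/sh
# Added example (not from the article): plan the firewalld changes that
# leave only the http service allowed in the default zone.
KEEP="http"   # service to keep; variable name is this example's own

# plan_lockdown "<services>" ["<ports>"]
# Arguments are the text printed by `firewall-cmd --list-services` and
# `firewall-cmd --list-ports`. Prints one firewall-cmd command per line.
# The ( ) body runs in a subshell, so its variables stay local.
plan_lockdown() (
    have_keep=0
    for svc in $1; do
        if [ "$svc" = "$KEEP" ]; then
            have_keep=1
        else
            echo "firewall-cmd --permanent --remove-service=$svc"
        fi
    done
    # Ports opened directly (e.g. 8080/tcp) never show up in the service
    # list, so they have to be closed separately.
    for port in ${2:-}; do
        echo "firewall-cmd --permanent --remove-port=$port"
    done
    [ "$have_keep" -eq 1 ] || echo "firewall-cmd --permanent --add-service=$KEEP"
    # --reload loads the permanent rules into the running firewall.
    echo "firewall-cmd --reload"
)

# apply_lockdown: run the plan against the live firewall (needs root).
apply_lockdown() {
    plan=$(plan_lockdown "$(firewall-cmd --list-services)" \
                         "$(firewall-cmd --list-ports)") || return 1
    while read -r cmd; do
        echo "+ $cmd"
        $cmd || return 1
    done <<EOF
$plan
EOF
}

if [ "${APPLY:-0}" = "1" ]; then
    apply_lockdown
else
    # Constructed sample: the two services the article found allowed.
    plan_lockdown "dhcpv6-client ssh"
fi
```

Run as is, it only prints the plan for the sample input; with `APPLY=1` set and root privileges it reads the live firewall state and executes each command.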
Now you may do a port scan with nmap from another computer:
You should be able to see only port 80 open as shown in the screenshot below.
You can also test whether you can access the web server by opening a browser and typing in the web server’s IP address.
I can access the web server from a browser as you can see from the screenshot below.
So that’s how you open port 80 and block every other port on CentOS 7. Thanks for reading this article.