Opening Ports In Your Firewall
Occasionally, you will find that you need to open up a port in your firewall for some application or another. Depending on which firewall is installed on your server, there are several ways to go about this:
APF
Unfortunately, APF can only be configured by accessing the server over SSH, as the root user.
Once in your server, open the following file in your favorite text editor:
/etc/apf/conf.apf
Use your editor’s search function to find the following line:
# Common inbound (ingress) TCP ports
IG_TCP_CPORTS="20,21,22,25,53,80,110,143,443,465,993,995"
Besides this ingress TCP entry, you should also see similar lines for UDP and ICMP ports, and outbound (egress) entries for all three packet types. For the most part, when a program needs a port opened, it needs inbound TCP opened. If you open the port following these article, and you still encounter problems, check to make sure the program does not need outbound TCP opened, or another packet type altogether.
Add the port that your program is requesting by adding the port number to the list. Make sure it is separated from other ports by commas.
After saving and closing out of your text editor, you will need to restart APF. This is as simple as running:
apf -r
CSF
Unlike APF, CSF can be configured in Web Host Manager (WHM) as well as over SSH. The SSH instructions are remarkably similar; open up the following file:
/etc/csf/csf.conf
and add the port you need to open to the tcp_in or tcp_out line:
# Allow incoming TCP ports
TCP_IN = "20,21,22,25,53,80,110,143,443,465,587,993,995,26"
# Allow outgoing TCP ports
TCP_OUT = "20,21,22,25,37,43,53,80,110,113,443,587,873"
Once complete, CSF needs to be restarted for the change to take effect:
csf -r
Change CSF Configuration File Within WHM
In WHM, type configserver in the Find bar in the upper left-hand corner. Click on ConfigServer Security&Firewall. On that page, click on the Firewall Configuration button:
That page will allow you to edit the same file you would if you were accessing it over ssh:
Like with the ssh instructions, add the necessary port to the list, then click Change at the bottom of the page to save your changes. After that is run, you will need to restart csf. Thankfully, the very next screen you will see has a button for that, Restart csf+lfd
BONUS CONTENT: Closing ports
Closing ports in either firewall are as simple as removing the port from the list in the configuration file, and restarting the firewall.
Always remember that if you would like assistance with your server’s firewall, you can always contact the Liquid Web Heroic Support Team, 24/7/365.
===
Liquid Web’s Heroic Support is always available to assist customers with this or any other issue. If you need our assistance please contact us:
Toll Free 1.800.580.4985
International 517.322.0434
support@liquidweb.com
Related Articles:
- What is CentOS? Everything You Need to Know
- Check Apache Status with systemctl status and apachectl status Commands
- How to Find the Server Name Indication (SNI) Supporting Details
- How to Install Pip on CentOS 7
- Get Kernel Version for Linux: A Guide
- What Is a Time Series Database? How It Works & Use Cases
About the Author: Patrick Hawkins
Patrick Hawkins is a former Test Engineer and Managed WordPress admin with Liquid Web
Our Sales and Support teams are available 24 hours by phone or e-mail to assist.
Latest Articles
What is Hyperscale Computing?
Read ArticleVirtual Desktop Environment — Configuring Kasm Workspaces
Read ArticleRedis as Cache: How It Works and Why You Should Use It
Read ArticleRefer-a-Friend Program for Website Hosting: Get $100 for Each Friend!
Read ArticleRefer-a-Friend Program for Website Hosting: Get $100 for Each Friend!
Read Article