Using Firewalld To Secure Your Server

Firewalld is a nice interface to manage iptables or nftables rules on your CentOS systems. We will go over how to open port 80/HTTP and 443/HTTPS on our host firewall to allow access to our website running on our system. It is important to have a firewall on your system so you can control access to the services running on your system.

Opening ports

To open port 80/HTTP and 443/HTTPS we will want to run the following commands.

firewall-cmd --permanent --add-service=http
firewall-cmd --permanent --add-service=https
firewall-cmd --reload

The output from each of the command above should say “success”.

We can check to make sure the rules are in place by running the following command.

firewall-cmd --list-all
output of firewall-cmd --list-all

Checking the status

To check the status of the firewalld service you can run the following command.

systemctl status firewalld
output of systemctl status firewalld

Enabling or Disabling

To enable firewalld you would run the following command

systemctl enable firewalld
output of systemctl enable firewalld

To disable firewalld you would run the following command.

systemctl disable firewalld
output of systemctl disable firewalld

Using tar to backup and move your website

Lets say you want to move your website from one server to another. One way you can attack this project is with tar. Tar will take a directory that you give it and put it into a single file and optionally compress it.

Creating a tarball

On the server that currently has your website you would want to run the following command. We are assuming that your website is stored in /var/www/html.

$ tar -zcvf website-backup.tar.gz /var/www/html/

This will create a tarball in your current working directory named website-backup.tar.gz
Let’s break this command down so we can understand what going on.

  • -z – This tells tar that we want to us gzip compression.
  • -c – This tells tar we want to create a new archive.
  • -v – This tell tar to tell us what it is doing.
  • -f – This tells tar what what file we want created.

Extracting a tarball

After you move the tarball you created earlier to the new server you would want to run the following command to extract it.

$ tar -zxvf website-backup.tar.gz

This command is much like the last one we ran other than instead of a -c we used an -x. This tells tar to extract the archive instead of creating and archive.
After running this command we will end up with a folder in our current working directory named var if we were to follow the directory structure it would looks like var/www/html/. Now you can move the files you extracted into their new home with something like.

$ mv var/www/html/* /var/www/html/

Downloading files via command line

Here are a couple commands you can use to download files on your Linux system. These are handy when you are wanting to grab some files while working on the command line.

Using wget

$ wget https://www.bitbandit.net/testfile.txt

Using curl

$ curl -o testfile.txt https://www.bitbandit.net/testfile.txt

These commands will download the file you specify and save them to your current working directory.