Keith • 07 Nov 2018

Set up Firewalld on Centos 7

Set up Firewalld on Centos 7

Setting up FirewallD on CentOS 7 is a relatively easy and straightforward process. FirewallD is a firewall management tool that CentOS 7 servers offer by default. It provides a dynamic managed firewall with support for network/firewall zones.

How to set up FirewallD on CentOS 7

Here we show you how to set up FirewallD on CentOS 7 if you’re running a web server, SSH on port 7022 and mail server. FirewallD uses services and zones instead of iptables rules and chains. FirewallD services are xml configuration files with information of a service entry. xml configuration files are stored in the /usr/lib/firewalld/services/ and /etc/firewalld/services/ directories.

  1. Change the default zone:

Run # firewall-cmd –get-zones to list all the available zones

Run # firewall-cmd –get-default-zone to list the default zone

Change the default zone by entering # firewall-cmd –set-default-zone=dmz

  1. Add permanent service rules for HTTP and HTTPS to the dmz zone

Run # firewall-cmd –get-services to list all available services.

Enter # firewall-cmd –zone=dmz –add-service=http –permanent

and # firewall-cmd –zone=dmz –add-service=https –permanent

  1. Open port 25 (SMTP) and port 465 (SMTPS)

# firewall-cmd –zone=dmz –add-service=smtp –permanent

# firewall-cmd –zone=dmz –add-service=smtps –permanent

  1. Open, IMAP, IMAPS, POP3 and POP3S ports:

# firewall-cmd –zone=dmz –add-service=imap –permanent

# firewall-cmd –zone=dmz –add-service=imaps –permanent

# firewall-cmd –zone=dmz –add-service=pop3 –permanent

# firewall-cmd –zone=dmz –add-service=pop3s –permanent

  1. Since the SSH port is changed to 7022, you need to remove the SSH service (port 22) and open port 7022:

# firewall-cmd –remove-service=ssh –permanent

# firewall-cmd –add-port=7022/tcp –permanent

  1. Reload the firewall to implement your changes:

# firewall-cmd –reload

  1. List your firewall rules:

# firewall-cmd –list-all

Protect your server with FirewallD

When you set up FirewallD on CentOS 7, you are ensuring a higher safety level for your server. FirewallD features graphical configuration tool (firewall-config) and command line tool (firewall-cmd). For more advice or assistance setting up FirewallD on CentOS 7, contact HOSTAFRICA today.

Ashwin S.

The Author

Copy link

Ashwin is a content specialist at HOSTAFRICA, where he's been crafting clear, authoritative copy since 2021. With a background in digital marketing and a passion for impactful storytelling, he turns complex ideas into trustworthy, engaging content. Ashwin writing helps our audience navigate web hosting and cloud solutions with confidence.

Related posts

Enabling 2FA on your customer account HA

Daniel De Reuck • 25 Apr 2025 • min

Enabling 2FA on your customer account HA
How To Secure Linux Servers

Daniel De Reuck • 22 Jun 2022 • min

How To Secure Linux Servers
10 Tips for Securing Your Email Server

Joel Lumumba • 9 Jun 2022 • min

10 Tips for Securing Your Email Server

Need Assistance?

Our local Ghanaian support team
is ready to help.

assistants