https://briansnelson.com/index.php?action=history&feed=atom&title=Howto_Block_or_Open_HTTP%2FHTTPs_Ports_IPTables
Howto Block or Open HTTP/HTTPs Ports IPTables - Revision history
2026-06-04T10:50:26Z
Revision history for this page on the wiki
MediaWiki 1.24.1
https://briansnelson.com/index.php?title=Howto_Block_or_Open_HTTP/HTTPs_Ports_IPTables&diff=646&oldid=prev
Brian at 18:25, 11 April 2014
2014-04-11T18:25:46Z
<p></p>
<table class='diff diff-contentalign-left'>
<col class='diff-marker' />
<col class='diff-content' />
<col class='diff-marker' />
<col class='diff-content' />
<tr style='vertical-align: top;'>
<td colspan='2' style="background-color: white; color:black; text-align: center;">← Older revision</td>
<td colspan='2' style="background-color: white; color:black; text-align: center;">Revision as of 18:25, 11 April 2014</td>
</tr><tr><td colspan="2" class="diff-lineno">Line 11:</td>
<td colspan="2" class="diff-lineno">Line 11:</td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>  vim /etc/sysconfig/iptables</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>  vim /etc/sysconfig/iptables</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>  -A <del class="diffchange diffchange-inline">RH-Firewall-1-</del>INPUT -m state --state NEW -p tcp --dport 80 -j ACCEPT</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>  -A INPUT -m state --state NEW<ins class="diffchange diffchange-inline">,ESTABLISHED </ins>-p tcp --dport 80 -j ACCEPT</div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>  -A <del class="diffchange diffchange-inline">RH-Firewall-1-</del>INPUT -m state --state NEW -p tcp --dport 443 -j ACCEPT</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>  -A INPUT -m state --state NEW<ins class="diffchange diffchange-inline">,ESTABLISHED </ins>-p tcp --dport 443 -j ACCEPT</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>Now restart iptables</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>Now restart iptables</div></td></tr>
<tr><td colspan="2" class="diff-lineno">Line 20:</td>
<td colspan="2" class="diff-lineno">Line 20:</td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>===Add via Command Line===</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>===Add via Command Line===</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>  /sbin/iptables -<del class="diffchange diffchange-inline">A </del>INPUT <del class="diffchange diffchange-inline">-m state --state NEW </del>-p tcp --dport 80 -j ACCEPT</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>  /sbin/iptables -<ins class="diffchange diffchange-inline">I </ins>INPUT -p tcp --dport 80 <ins class="diffchange diffchange-inline">-m state --state NEW,ESTABLISHED </ins>-j ACCEPT</div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>  /sbin/iptables -<del class="diffchange diffchange-inline">A </del>INPUT -m state --state NEW <del class="diffchange diffchange-inline">-p tcp --dport 443 </del>-j ACCEPT</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>  /sbin/iptables -<ins class="diffchange diffchange-inline">I </ins>INPUT <ins class="diffchange diffchange-inline">-p tcp --dport 433 </ins>-m state --state NEW<ins class="diffchange diffchange-inline">,ESTABLISHED </ins>-j ACCEPT</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>Save and close the file. Please note that under Red Hat enterprise Linux (RHEL) / CentOS / Fedora Linux you can use following commands to save and restore firewall rules.</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>Save and close the file. Please note that under Red Hat enterprise Linux (RHEL) / CentOS / Fedora Linux you can use following commands to save and restore firewall rules.</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>  /etc/init.d/iptables save</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>  /etc/init.d/iptables save</div></td></tr>
<!-- diff cache key briansne_wiki-wiki_:diff:version:1.11a:oldid:645:newid:646 -->
</table>
Brian
https://briansnelson.com/index.php?title=Howto_Block_or_Open_HTTP/HTTPs_Ports_IPTables&diff=645&oldid=prev
Brian: Created page with "==Howto Block or Open Port HTTP(80)/HTTPS(443) with IPTables== Just installed your web server application, but you can not view the site from an outside source. Have you all..."
2014-04-11T17:03:32Z
<p>Created page with "==Howto Block or Open Port HTTP(80)/HTTPS(443) with IPTables== Just installed your web server application, but you can not view the site from an outside source. Have you all..."</p>
<p><b>New page</b></p><div>==Howto Block or Open Port HTTP(80)/HTTPS(443) with IPTables==<br />
<br />
Just installed your web server application, but you can not view the site from an outside source. Have you allowed the traffic to view your web server? By default, only SSHD is enabled.<br />
<br />
Apache webserver uses the TCP protocol to transfer information/data between server and browser. The default Iptables configuration does not allow inbound access to the HTTP (80) and HTTPS (443) ports used by the web server. This post explains how to allow inbound and outbound access to web services under Linux.<br />
<br />
===Edit the Iptables file===<br />
<br />
You can always edit your iptables file at /etc/sysconfig/iptables in Centos. Add the following lines, ensuring that they appear before the final LOG and DROP lines for the RH-Firewall-1-INPUT chain to open port 80 and 443:<br />
<br />
vim /etc/sysconfig/iptables<br />
<br />
-A RH-Firewall-1-INPUT -m state --state NEW -p tcp --dport 80 -j ACCEPT<br />
-A RH-Firewall-1-INPUT -m state --state NEW -p tcp --dport 443 -j ACCEPT<br />
<br />
Now restart iptables<br />
<br />
/etc/init.d/iptables restart<br />
<br />
===Add via Command Line===<br />
<br />
/sbin/iptables -A INPUT -m state --state NEW -p tcp --dport 80 -j ACCEPT<br />
/sbin/iptables -A INPUT -m state --state NEW -p tcp --dport 443 -j ACCEPT<br />
<br />
Save and close the file. Please note that under Red Hat enterprise Linux (RHEL) / CentOS / Fedora Linux you can use following commands to save and restore firewall rules.<br />
<br />
/etc/init.d/iptables save</div>
Brian