After installing Baota Panel, it comes with a built-in firewall: iptables for CentOS 6, firewall for CentOS 7, and ufw firewall for Debian/Ubuntu. However, since Baota Panel has a graphical interface, beginners can also easily add firewall rules from the backend. The specific location is:
Security - FirewallBaota Panel Firewall Rules
Enter the Baota Panel backend, find Security, and then you can see the firewall interface. Here you can add or delete firewall rules, such as adding port permissions.
From here, adding the required rules can
open ports for Baota Panel. If you want to open many ports, you can use a dash to add them in batches. For example, 20-20000 opens all ports from 20 to 20000. Of course, if you purchase a
Alibaba Cloudor
Tencent Cloud, their management backend also has built-in security group firewall features. Then you can turn off the firewall that comes with Baota Panel to save resources.
Linux System Firewall Commands
Different Linux systems have different built-in firewall software. For example, CentOS 7 has firewalld built-in, while CentOS 6 has iptables built-in. So, let's discuss the rule commands for these two firewalls separately.
firewalld Opening Firewall Ports
The built-in firewall for CentOS 7 after installing Baota Panel is firewalld. The usage is as follows: Start: systemctl start firewalld
Check status: systemctl status firewalld
Stop: systemctl disable firewalld
Disable: systemctl stop firewalld The command to open a port with firewalld is as follows:
sudo firewall-cmd --zone=public --add-port=3000/tcp --permanent
sudo firewall-cmd --reload
CentOS 6 iptables Firewall Commands
The default firewall on CentOS 6 is iptables. If you want to check if the firewall is running, just enter the following command.
service iptables status
If the firewall is not running, it will prompt:
iptables: Firewall is not running. To start iptables, enter the following command:
service iptables start To restart iptables, enter the following command:
service iptables restart To stop iptables, enter the following command:
service iptables stop
iptables Firewall Open Port
Open SSH service port
[root@tp ~]# iptables -A INPUT -p tcp --dport 22 -j ACCEPT
[root@tp ~]# iptables -A OUTPUT -p tcp --sport 22 -j ACCEPT
Note: If the OUTPUT is set to DROP policy in the preset settings, you need to set OUTPUT rules, otherwise SSH connection cannot be made. Open Web service port
[root@tp ~]# iptables -A OUTPUT -p tcp --sport 80 -j ACCEPT
[root@tp ~]# iptables -A INPUT -p tcp --dport 80 -j ACCEPT
Open mail service ports 25, 110
[root@tp ~]# iptables -A INPUT -p tcp --dport 110 -j ACCEPT
[root@tp ~]# iptables -A INPUT -p tcp --dport 25 -j ACCEPT
Open FTP service port 21
[root@tp ~]# iptables -A INPUT -p tcp --dport 21 -j ACCEPT
[root@tp ~]# iptables -A INPUT -p tcp --dport 20 -j ACCEPT
iptables open all ports
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
Firewall rules not taking effect?
Some friends may encounter that after adding firewall rules, the website still cannot be opened, for example,
Firewall opened the port, still cannot access BaotaUsually, this situation is because the server you purchased comes with a firewall outside the system, such as
Tencent Cloud和
Alibaba Cloud. Their management backend has a security group that can be set. You need to go and open the corresponding rules (that is, you can turn off the system's built-in firewall and use their security group).
Comments are closed
The comment function for this article is closed. If you have any questions, please feel free to contact us through other channels.