In the digital era, where web services are integral to business and personal communications, securing web traffic is paramount. For those using Rocky Linux, configuring basic firewall rules to secure HTTP (port 80) and HTTPS (port 443) traffic is a crucial step in safeguarding data. This article aims to guide users through the process of setting up these essential firewall rules using FirewallD, the default firewall management tool in Rocky Linux.

The Importance of Securing HTTP and HTTPS

HTTP and HTTPS are the foundational protocols of the World Wide Web. While HTTP is the standard protocol for transmitting information over the web, HTTPS adds a layer of encryption, ensuring data security and integrity.

Benefits of Firewall Rules for HTTP and HTTPS:

• Enhanced Security: Protects sensitive data from being intercepted or tampered with.
• Compliance: Meets various data protection regulations and standards.
• User Trust: HTTPS is a trust signal for users, ensuring them that their data is secure.

Configuring FirewallD for HTTP and HTTPS on Rocky Linux

Step 1: Checking FirewallD Status

Before configuring firewall rules, ensure that FirewallD is installed and running:

sudo systemctl start firewalld
sudo systemctl enable firewalld

Step 2: Adding Firewall Rules for HTTP and HTTPS

1. Allow HTTP Traffic: HTTP traffic runs on port 80. To allow HTTP traffic through the firewall:

   sudo firewall-cmd --permanent --add-service=http

2. Allow HTTPS Traffic: HTTPS traffic runs on port 443. To allow HTTPS traffic:

   sudo firewall-cmd --permanent --add-service=https

Step 3: Reloading FirewallD

After adding the rules, reload FirewallD to apply the changes:

sudo firewall-cmd --reload

Step 4: Verifying the Configuration

Ensure that the rules are correctly applied:

sudo firewall-cmd --list-all

Best Practices for Firewall Configuration

• Regular Updates: Keep FirewallD and your Rocky Linux system up-to-date to ensure optimal security.
• Monitor Traffic: Regularly monitor your firewall logs to identify and address any unusual traffic patterns.
• Test Configurations: Always test new firewall rules in a controlled environment to ensure they do not disrupt normal web service operations.

Shape.host and Cloud Vps

For those who require a robust and secure platform for hosting their web services, Shape.host offers Cloud VPS services. Their Cloud VPS solutions are ideal for deploying Rocky Linux and managing FirewallD configurations, ensuring your web services are protected and run efficiently.

---

Note: Configuring basic firewall rules for HTTP and HTTPS is a critical step in securing web services on Rocky Linux. Regular maintenance, vigilant monitoring, and adherence to best practices in firewall management are essential to ensure ongoing protection and reliability of your web services.