-
Enable and start firewalld
systemctl enable firewalld systemctl start firewalld
-
Allow SSH (22)
firewall-cmd --zone=public --add-service=ssh --permanent
-
Allow http (80)
firewall-cmd --zone=public --add-service=http --permanent
-
Allow https (443)
firewall-cmd --zone=public --add-service=https --permanent
-
Allow smtp (25)
firewall-cmd --zone=public --add-service=smtp --permanent
-
Optionally allow MySQL
firewall-cmd --zone=public --add-port=3306/tcp --permanent
-
Reload the firewall configuration
firewall-cmd --reload