What this is
This guide explains how to open and close firewall ports on Linux using UFW (Ubuntu/Debian) and firewalld (RHEL-based).
What it is for
- Expose required services (web, SSH custom port)
- Close unnecessary ports to improve security
Prerequisites
- SSH access
- Sudo privileges
- Know the port and protocol (TCP/UDP)
Step-by-step
Step 1) Verify what is listening (server side)
sudo ss -lntp
sudo ss -lnup
Expected output: Lists listening TCP/UDP ports and processes.
Option A: UFW (Ubuntu/Debian)
Open a TCP port (example 80)
sudo ufw allow 80/tcp
Close a TCP port
sudo ufw delete allow 80/tcp
Check rules
sudo ufw status numbered
Option B: firewalld (RHEL/Rocky/Alma)
Open a port permanently
sudo firewall-cmd --add-port=8080/tcp --permanent
sudo firewall-cmd --reload
Close a port permanently
sudo firewall-cmd --remove-port=8080/tcp --permanent
sudo firewall-cmd --reload
Check rules
sudo firewall-cmd --list-ports
sudo firewall-cmd --list-services
Warnings & notes
- Opening a firewall port does not start the service. The service must be installed and listening.
- Always keep SSH allowed, or you can lock yourself out.
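The first note above turned into a check, as an added example that is not part of the original guide: for each TCP port firewalld has open, it reports whether a service is listening on a reachable address, only on loopback, or not at all. The function names and sample data are assumptions constructed for illustration; ports opened through a service name (--list-services) are not covered.

```shell
#!/bin/sh
# Added example (hypothetical helper names): classify each firewall-open TCP
# port by whether a service is listening. Inputs are text, so it runs offline.

# classify_port SS_OUTPUT PORT -> prints reachable | loopback-only | no-listener
classify_port() {
    printf '%s\n' "$1" | awk -v port="$2" '
        $1 == "LISTEN" {
            addr = $4
            p = addr; sub(/.*:/, "", p)            # port = text after last colon
            if (p != port) next
            host = addr; sub(/:[^:]*$/, "", host)  # address = text before it
            if (host ~ /^127\./ || host == "[::1]") lo = 1
            else wide = 1
        }
        END {
            if (wide) print "reachable"
            else if (lo) print "loopback-only"
            else print "no-listener"
        }'
}

# audit_open_ports SS_OUTPUT FW_PORTS -> one "PORT/tcp STATUS" line per TCP port
audit_open_ports() {
    for entry in $2; do                 # FW_PORTS is space-separated PORT/proto
        case "$entry" in
            */tcp) port=${entry%/tcp}
                   echo "$entry $(classify_port "$1" "$port")" ;;
        esac
    done
}

# Constructed sample data (not captured from a real host).
SAMPLE_SS='State  Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*         users:(("sshd",pid=812,fd=3))
LISTEN 0      511    127.0.0.1:8080     0.0.0.0:*         users:(("node",pid=1500,fd=20))
LISTEN 0      511    [::]:80            [::]:*            users:(("nginx",pid=900,fd=7))'
SAMPLE_FW='8080/tcp 80/tcp 8443/tcp 53/udp'

audit_open_ports "$SAMPLE_SS" "$SAMPLE_FW"
# On a live host, using the commands from this guide:
#   audit_open_ports "$(sudo ss -lntp)" "$(sudo firewall-cmd --list-ports)"
```

A loopback-only or no-listener result means the external test under Final verification will fail even though the firewall rule is in place.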
Final verification
From another machine, test the port (examples):
curl -I http://YOUR_SERVER_IP
nc -vz YOUR_SERVER_IP 8080
Conclusion
Only open the ports you truly need, and verify both firewall rules and the service status.