How to Open a Port in Your Firewall

I was recently asked how to open ports within the firewall. Since it’s been quite a while since I’ve had to do something like this, I took the time to relearn and write some documentation.

In this tutorial, I’ll cover how to open a port on your server and test that it is open. More specifically, we will open port 9090.

Please note! This tutorial assumes you have a VPS Server or a Dedicated Server, that you have root access, and that you know how to connect to your server via SSH.

Step 1: Check if the Port is Open Already

The first thing we want to do is test using telnet to ensure port 9090 is not already open. Please note that you may need to enable telnet in Windows first. The command below was run from cmd.exe in Windows 7:

telnet 9090

And we got the following results:

Connecting To not open connection to the host, on port 9090: Connect failed

As you can see, the connection failed.

Step 2: Open the Port

To open a port, first open for edit your APF configuration file – /etc/apf/conf.apf:
(The below was ran within PuTTY after connecting vis SSH)

vim /etc/apf/conf.apf

Then, find the following lines and add the port in question:

# Common ingress (inbound) TCP ports IG_TCP_CPORTS="20,21,25,53,80,110,113,143,443,465,993,995,2049,2077,2078,2082,2083,2086,2087,2089,2095,2096,3306,5222,9090,12001"  # Common ingress (inbound) UDP ports IG_UDP_CPORTS="53,161,32786,111,2049,9090"

After editing the file and adding the ports, restart APF:

service apf restart

Step 3: Test Again to See if the Port is Open

Now that APF is restarted, we can once again use telnet to test if the port is open:
(The command below was ran from cmd.exe in Windows 7)

telnet 9090
Connecting To ESMTP Exim 4.80 #2 Fri, 17 May 2013 05:11:39 -0700 220-We do not authorize the use of this system to transport unsolicited, 220 and/or bulk e-mail.

As you can see, instead of the Connect failed message, we received the greeting from the application running on port 9090. Congratulations, you now know how to open a port on your server using ssh!

11 thoughts on “How to Open a Port in Your Firewall

  1. This may help somebody else but this is how I managed to open a port in my firewall. This should apply to all systems that use firewalld, and going by Jacqueem’s content, it looks like this should be the case for most people.

    Run this command as root to open up port 80.

    firewall-cmd –permanent –zone=public –add-port=80/tcp

    It should respond with ‘success’. The first time I tried it, I got an error, and I had to restart my server to fix it. (AMP -> Manage My Cloud Server -> Restart Server)

    This command updates the config, but to apply it, you need to run this:

    firewall-cmd –reload

    Unfortunately, the reload command always hangs/crashes my server, and if that’s what happens for you, you’ll have to go to AMP -> Manage My Cloud Server and restart it.

    Now you should be good to go! Try telnet (telnet 80) to verify that the port has been opened. It should not say ‘Connection Refused’.

    You can check what ports have been opened for the public zone by running:

    firewall-cmd –zone=public –list-ports

    PS: firewall-cmd docs say that running firewall-cmd –state should tell you if the firewall is running or not. But for me, it always returns ‘not running’, when the firewall clearly is. But I’m no Linux sys admin and I might be missing something. Hope this helps someone though 🙂

  2. There is no apf installed on my cloud server. I have ufw and opened port 443 but I’m still blocked somewhere. Can you create an updated support topic, or update this one?

      1. Is there a timeline for this? I’ve tried to follow the man pages for firewall-cmd to add ports, but I just get an opaque error. I think I’m missing some information about how Inmotion is setting up the firewall that should be documented somewhere.

  3. I can’t connect putty it says: “Connection refused” and i don’t have any port open on my VPS and i don’t know how i do open them?

    1. Hello Stw,

      The instructions above will tell you how to open a port, however before you can connect to your VPS via Putty, you need to ensure you have added your IP to the firewall. This is the most common issue when first trying to connect to a VPS.

      Kindest Regards,
      Scott M

    2. my Server work well at first, but then it started to say Network error: Connection refused on PuTTY and WinSCP ports are closed and I can not open them having any access on my server .. I have had this problem for more than 2 weeks.

    3. Hello Stw,

      Thank you for contacting us today. If you are hosted with us, contact Live Support for assistance regaining access to your server.

      Alternately, if you have cPanel/WHM available there are plugins available that allow you to make changes from the interface.

      Otherwise, you may have to escalate to someone who has access, or can physically login to the server and make changes.

      Thank you,

    4. Hello parknpool_marc,

      Thank you for contacting us. Ensure you are logged as root in order to access that level of the file system.

      Thank you,

Was this article helpful? Let us know!