How to Install Firewalld on Linux

Firewalld is a front-end manager that allows users to easily manage Linux firewall rules. It has become a popular option for securing Linux web hosting servers throughout the last few years. It’s installed by default on many newer Linux distribution releases.

An unique advantage to the command-line interface (CLI) application is that ruleset changes are updated without closing existing sessions with the system.

Those on cPanel servers or looking for a firewall application with a graphical interface may prefer ConfigServer Security & Firewall (CSF) with it’s cPanel plugin.

Before we begin, open a terminal (or SSH into your server), and check whether Firewalld is pre-installed and, if so, what version:

sudo firewall-cmd --version

If it’s installed, start configuring Firewalld. Below we cover:

Firewalld is pre-installed with our Ubuntu Cloud Server Hosting.

Install Firewalld on Linux with the Terminal

Install Firewalld on Debian / Ubuntu

Update repositories first:

sudo apt update
sudo apt -y install firewalld

Install Firewalld on CentOS / Fedora

sudo yum install firewalld

Install Firewalld on Arch / Manjaro

sudo pacman -S firewalld

Install Firewalld on Gentoo

emerge net-firewall/firewalld

Install Firewalld on openSUSE

Update openSUSE repositories first:

sudo zypper ref
sudo zypper install firewalld

Other Linux distro users can download the compressed file from https://Firewalld.org and compare the SHA256 checksum.

Getting Started

  1. Enable Firewalld to start upon boot:
    sudo systemctl enable firewalld
  2. Ensure Firewalld is running:
    sudo firewall-cmd --state
  3. If UFW is installed, disable it to make Firewalld your primary firewall:
    sudo ufw disable
  4. Open the https service:
    sudo firewall-cmd --permanent --add-service=https

    We recommend Certbot for creating free Let’s Encrypt SSL certificates on cloud servers.

  5. Reload Firewalld to apply your changes:
    sudo firewall-cmd --reload
  6. Ensure your changes were applied:
    sudo firewall-cmd --list-services

    The results should resemble:dhcp6-client https ssh.

To better secure your system, learn more Firewalld commands.

If you installed Firewalld on your personal computer, you can manage your local firewall with the firewall-config GUI application.

Was this article helpful? Let us know!