
DEVOPSZONES


    How to allow web traffic in iptables on Linux (Red Hat/CentOS/Oracle Linux/Amazon Linux 2)


    This article describes how to configure your iptables software firewall to allow web traffic on port 80 (HTTP) and port 443 (HTTPS). 

    Prerequisites

    You need to have the following prerequisites:

    • Basic understanding of Secure Shell (SSH)
    • Sudo or administrative access to your server

    Log in to your server by using SSH and then complete the steps in the following sections for your preferred setup method.

    One-liner command

    Use the following one-line command to open the firewall ports and save the rules:

        sudo sh -c "iptables -I INPUT -p tcp -m tcp --dport 80 -j ACCEPT && iptables -I INPUT -p tcp -m tcp --dport 443 -j ACCEPT && service iptables save"
    


    Individual commands

    If you prefer to configure the software firewall by using discrete steps instead of by using the one-line command, perform the following steps:

    1. Run the following command to allow traffic on port 80:

      sudo iptables -I INPUT -p tcp -m tcp --dport 80 -j ACCEPT

    Output before running the command to accept HTTP traffic:

    # iptables -L
    Chain INPUT (policy DROP)
    target     prot opt source               destination
    ACCEPT     tcp  --  anywhere             anywhere             
    ACCEPT     all  --  anywhere             anywhere
    DROP       all  --  ip-127-0-0-0.ec2.internal/8  anywhere
    ACCEPT     tcp  --  anywhere             anywhere             state ESTABLISHED
    ACCEPT     udp  --  anywhere             anywhere             state ESTABLISHED
    ACCEPT     icmp --  anywhere             anywhere             state ESTABLISHED

    Output after running the command to accept HTTP traffic:

    # iptables -L
    Chain INPUT (policy DROP)
    target     prot opt source               destination
    ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:http
    ACCEPT     tcp  --  anywhere             anywhere             
    ACCEPT     all  --  anywhere             anywhere
    DROP       all  --  ip-127-0-0-0.ec2.internal/8  anywhere
    ACCEPT     tcp  --  anywhere             anywhere             state ESTABLISHED



    2. Run the following command to allow traffic on port 443:

      sudo iptables -I INPUT -p tcp -m tcp --dport 443 -j ACCEPT
      
    3. Run the following command to save the iptables rules:

      sudo service iptables save
      

    After you complete the preceding steps, your server allows HTTP and HTTPS web traffic through your iptables firewall. If you’ve configured your website to accept traffic on ports 80 and 443, you should be able to visit both the HTTP and HTTPS versions of your website.
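
Because `iptables -I` inserts a new rule every time it runs, repeating the steps above leaves duplicate ACCEPT entries in the INPUT chain. The following script is an added example, not part of the original article: it checks for each rule with `iptables -C` before inserting it and saves only when something changed. The `IPT` variable, the function names and the `--apply` argument are assumptions made for this example.

```shell
#!/bin/sh
# Added example: idempotent form of the article's steps.
# IPT is an assumed override hook so the logic can be exercised without root.
IPT="${IPT:-iptables}"
CHANGED=0

# allow_tcp_port PORT
# Insert an ACCEPT rule for inbound TCP on PORT at the top of INPUT, but only
# when the identical rule is absent (iptables -C exits 0 if the rule exists).
allow_tcp_port() {
    port="$1"
    # Accept digits only, so nothing but a port number reaches iptables.
    case "$port" in
        ''|*[!0-9]*) echo "invalid port: $port" >&2; return 2 ;;
    esac
    if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
        echo "port out of range: $port" >&2
        return 2
    fi
    if $IPT -C INPUT -p tcp -m tcp --dport "$port" -j ACCEPT 2>/dev/null; then
        echo "port $port: rule already present, nothing to do"
        return 0
    fi
    $IPT -I INPUT -p tcp -m tcp --dport "$port" -j ACCEPT || return 1
    CHANGED=1
    echo "port $port: ACCEPT rule inserted"
}

# allow_web_traffic: open 80 and 443, then persist only if something changed.
allow_web_traffic() {
    allow_tcp_port 80 || return 1
    allow_tcp_port 443 || return 1
    if [ "$CHANGED" -eq 1 ]; then
        service iptables save
    fi
    # List the chain numerically, with interfaces, counters and rule positions.
    $IPT -L INPUT -n -v --line-numbers
}

# Run only when asked, e.g.: sudo sh allow-web.sh --apply
if [ "${1:-}" = "--apply" ]; then
    allow_web_traffic
fi
```

The final listing uses `-n -v --line-numbers` so that rules which look identical in plain `iptables -L` output can be told apart by interface and position.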
