Linux Firewall Management with UFW and firewalld: Practical Moderate Tutorial

A practical moderate-level guide to managing Linux firewall rules with UFW and firewalld for server administration.

This tutorial is for moderate-level readers who already understand basic Linux commands and want more practical server-administration depth.

Who should read this guide?

This guide is useful for IT support engineers, junior system administrators, cloud support teams, help desk technicians moving into infrastructure roles and cybersecurity learners who manage Linux-based services.

Firewall rule planning

Firewall rule planning requires both command knowledge and operational judgement. Review the current configuration, make a small controlled change, then verify the result using logs and service checks. This approach reduces downtime and makes troubleshooting easier.

UFW workflow for Ubuntu

UFW workflow for Ubuntu requires both command knowledge and operational judgement. Review the current configuration, make a small controlled change, then verify the result using logs and service checks. This approach reduces downtime and makes troubleshooting easier.

firewalld workflow for RHEL-based systems

The firewalld workflow for RHEL-based systems requires both command knowledge and operational judgement. Review the current configuration, make a small controlled change, then verify the result using logs and service checks. This approach reduces downtime and makes troubleshooting easier.

Safe remote access rules

Safe remote access rules require both command knowledge and operational judgement. Review the current configuration, make a small controlled change, then verify the result using logs and service checks. This approach reduces downtime and makes troubleshooting easier.

Verification and troubleshooting

Verification and troubleshooting requires both command knowledge and operational judgement. Review the current configuration, make a small controlled change, then verify the result using logs and service checks. This approach reduces downtime and makes troubleshooting easier.

Practical command reference

Use the following commands as a starting point. Always adjust service names, paths, usernames, ports and domains for your own environment.

  • sudo ufw status numbered
  • sudo ufw allow 22/tcp
  • sudo firewall-cmd --list-all
  • sudo firewall-cmd --add-service=https --permanent
  • sudo firewall-cmd --reload

Moderate-level implementation checklist

  1. Document the current state before making changes.
  2. Confirm the business impact and maintenance window if the server is production-facing.
  3. Test the command or configuration in a lab or staging environment first.
  4. Apply one controlled change at a time.
  5. Verify logs, service status and user-facing behavior after the change.
  6. Keep rollback steps ready before editing important configuration files.

Common mistakes to avoid

  • Changing production systems without a backup or rollback plan.
  • Restarting services before validating syntax or configuration files.
  • Ignoring logs after a change appears to work.
  • Using broad permissions or open firewall rules instead of least privilege.
  • Assuming Ubuntu, Debian, RHEL and CentOS use identical paths or service names.
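
The review step and the least-privilege point above, as an added example (not part of the original tutorial): a shell function that reads the output of sudo ufw status numbered and reports inbound rules open to Anywhere on ports outside an expected list. The PUBLIC_PORTS policy, the function names and the sample output are assumptions constructed for illustration.

```sh
#!/bin/sh
# Added example: flag world-open rules in `ufw status numbered` output.
# PUBLIC_PORTS is an assumed policy: the only ports meant to face the internet.
PUBLIC_PORTS="${PUBLIC_PORTS:-22/tcp 443/tcp}"

# Reads `ufw status numbered` text on stdin. Prints one line per inbound
# ALLOW/LIMIT rule open to Anywhere on a port outside PUBLIC_PORTS.
# Exit status: 0 = clean, 1 = findings, 2 = ufw reports it is not active.
# Handles port/proto and single-word "To" entries, not multi-word app profiles.
audit_ufw_rules() {
  awk -v allowed="$PUBLIC_PORTS" '
    BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    /^Status:/ { if ($2 != "active") inactive = 1 }
    /^\[/ {
      num = $0; sub(/\].*/, "", num); gsub(/[^0-9]/, "", num)  # rule number
      line = $0
      sub(/^\[[ 0-9]*\] */, "", line)   # drop the "[ N]" prefix
      gsub(/\(v6\)/, "", line)          # audit IPv6 twins like IPv4 rules
      split(line, f, " ")               # f[1]=To f[2]=Action f[3]=Dir f[4]=From
      if ((f[2] == "ALLOW" || f[2] == "LIMIT") && f[3] == "IN" &&
          f[4] == "Anywhere" && !(f[1] in ok)) {
        printf "rule %s: %s open to Anywhere\n", num, f[1]
        bad = 1
      }
    }
    END { if (inactive) exit 2; exit (bad ? 1 : 0) }
  '
}

# Constructed sample output (not captured from a real host).
sample_status() {
  cat <<'EOF'
Status: active

     To                         Action      From
     --                         ------      ----
[ 1] 22/tcp                     ALLOW IN    Anywhere
[ 2] 443/tcp                    ALLOW IN    Anywhere
[ 3] 3306/tcp                   ALLOW IN    Anywhere
[ 4] 5432/tcp                   ALLOW IN    10.0.0.0/24
[ 5] 22/tcp (v6)                ALLOW IN    Anywhere (v6)
[ 6] 3306/tcp (v6)              ALLOW IN    Anywhere (v6)
EOF
}

sample_status | audit_ufw_rules
echo "exit status: $?"
```

On a live host, pipe sudo ufw status numbered into audit_ufw_rules after each change and treat a non-zero exit status as a reason to stop and review before moving on.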

FAQ

Is this guide beginner friendly?

It is written clearly, but it targets moderate readers. You should already know basic Linux navigation, files, services and command-line usage.

Can I use these steps on cloud servers?

Yes. The workflow applies to VPS, AWS, Azure, Google Cloud and on-premises Linux servers. Always check provider firewall and security-group settings too.

Should I run these commands exactly as shown?

No. Treat them as examples. Replace paths, users, service names, IP addresses and domain names with values from your own server.

Disclaimer: This tutorial is for educational purposes. Test carefully before applying commands. WhileNetworking is not responsible for misuse, damage, data loss or production issues.
