friv

Member
Dec 14, 2018
14
0
1
Serbia
cPanel Access Level
Website Owner
I'm glad we were able to help track that down!

Hello cPRex

I have some issue with firewall.

I have enabled native firewall for my server Centos 7 but now i can't have access to Cpanel and WHM.

So,i want to keep firewall to protect my server. What i must do to have again access to Cpanel and WHM and not to stop the firewall ?




Thanks
 
Last edited:

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
12,499
1,971
363
cPanel Access Level
Root Administrator
Hey there! We have a guide on adjusting the firewall settings here:


That page has a list of ports and which way the traffic needs to be opened in order for your system to work properly. Can you work through that and see if adjusting those settings gets things working?
 

friv

Member
Dec 14, 2018
14
0
1
Serbia
cPanel Access Level
Website Owner
Hey there! We have a guide on adjusting the firewall settings here:


That page has a list of ports and which way the traffic needs to be opened in order for your system to work properly. Can you work through that and see if adjusting those settings gets things working?

I realy appreciate your help with this link,but i have found solution for this. :)

I have just copied this in SSH and now i have access to Cpanel and WHM + firewall is active and running.:

sudo firewall-cmd --zone=public --add-port=1/tcp --permanent
sudo firewall-cmd --zone=public --add-port=20/tcp --permanent
sudo firewall-cmd --zone=public --add-port=21/tcp --permanent
sudo firewall-cmd --zone=public --add-port=22/tcp --permanent
sudo firewall-cmd --zone=public --add-port=25/tcp --permanent
sudo firewall-cmd --zone=public --add-port=26/tcp --permanent
sudo firewall-cmd --zone=public --add-port=37/tcp --permanent
sudo firewall-cmd --zone=public --add-port=43/tcp --permanent
sudo firewall-cmd --zone=public --add-port=53/tcp --permanent
sudo firewall-cmd --zone=public --add-port=53/udp --permanent
sudo firewall-cmd --zone=public --add-port=80/tcp --permanent
sudo firewall-cmd --zone=public --add-port=110/tcp --permanent
sudo firewall-cmd --zone=public --add-port=113/tcp --permanent
sudo firewall-cmd --zone=public --add-port=143/tcp --permanent
sudo firewall-cmd --zone=public --add-port=443/tcp --permanent
sudo firewall-cmd --zone=public --add-port=465/tcp --permanent
sudo firewall-cmd --zone=public --add-port=465/udp --permanent
sudo firewall-cmd --zone=public --add-port=587/tcp --permanent
sudo firewall-cmd --zone=public --add-port=783/tcp --permanent
sudo firewall-cmd --zone=public --add-port=783/udp --permanent
sudo firewall-cmd --zone=public --add-port=873/tcp --permanent
sudo firewall-cmd --zone=public --add-port=873/udp --permanent
sudo firewall-cmd --zone=public --add-port=993/tcp --permanent
sudo firewall-cmd --zone=public --add-port=995/tcp --permanent
sudo firewall-cmd --zone=public --add-port=2703/tcp --permanent
sudo firewall-cmd --zone=public --add-port=2077/tcp --permanent
sudo firewall-cmd --zone=public --add-port=2078/tcp --permanent
sudo firewall-cmd --zone=public --add-port=2079/tcp --permanent
sudo firewall-cmd --zone=public --add-port=2080/tcp --permanent
sudo firewall-cmd --zone=public --add-port=2082/tcp --permanent
sudo firewall-cmd --zone=public --add-port=2083/tcp --permanent
sudo firewall-cmd --zone=public --add-port=2086/tcp --permanent
sudo firewall-cmd --zone=public --add-port=2087/tcp --permanent
sudo firewall-cmd --zone=public --add-port=2089/tcp --permanent
sudo firewall-cmd --zone=public --add-port=2095/tcp --permanent
sudo firewall-cmd --zone=public --add-port=2096/tcp --permanent
sudo firewall-cmd --zone=public --add-port=2195/tcp --permanent
sudo firewall-cmd --zone=public --add-port=3306/tcp --permanent
sudofirewall-cmd --zone=public --add-port=6277/tcp --permanent
sudo firewall-cmd --zone=public --add-port=6277/udp --permanent
sudo firewall-cmd --zone=public --add-port=24441/tcp --permanent
sudo firewall-cmd --zone=public --add-port=24441/udp --permanent



systemctl restart firewalld



Now, please i want to hear your opinion about this. Is this what i made safe? Did i open some ports where hackers can get in easily or no?


Thanks
 
Last edited: