1

I'm trying to set up LAMP on CentOS 7 with a guide. I tried to run these commands to allow HTTP and HTTPS traffic:

```
sudo firewall-cmd --permanent --zone=public --add-service=http
sudo firewall-cmd --permanent --zone=public --add-service=https
sudo firewall-cmd --reload
```

But the system gives this error:

```
FirewallD is not running
```

So I searched for it and then applied these commands:

```
systemctl enable firewalld
systemctl start firewalld
```

Then it printed "completed" output, but my connection was aborted and I cannot connect to the server with IP:Port with PuTTY anymore.

What should I do? The only access to the server was that way for me. I have no physical access to the server.

tatoline
  • 423
  • 6
  • 11

3 Answers

2

It looks like you locked yourself out, as you did not specify that ssh should also be allowed:

```
sudo firewall-cmd --permanent --zone=public --add-service=http
sudo firewall-cmd --permanent --zone=public --add-service=https
sudo firewall-cmd --permanent --zone=public --add-service=ssh
sudo firewall-cmd --reload
```

The guide above seems to assume that ssh is already allowed.

> What should I do? The only access to the server was that way for me. I have no physical access to the server.

So at this point the only way to access the server will typically be via the VM console of your hosting provider / virtualisation solution. Almost all providers will allow you access to that console, so you should try to do that. Once logged in via the console, you can then run the above command to allow SSH to regain access via SSH.

Simon
  • 4,251
  • 2
  • 24
  • 34
  • I contacted the system administrators to run the following commands: `systemctl stop firewalld` and then `systemctl disable firewalld`. After that I can connect to the server with SSH again, and I will enable firewalld with `systemctl enable firewalld` but not start it. Then I will run the commands you gave to enable http, https and ssh. And lastly I will start the firewall with `systemctl start firewalld` again. I think it will work if I follow this order. This server does not belong to a hosting provider but to my company. They only gave me SSH login information. Thanks for your help, appreciate it – tatoline Nov 24 '20 at 09:58
  • 1
    No, it didn't work. They disabled the firewall so I can connect now. I ran `systemctl enable firewalld`. After that I tried to run your commands but it still outputs `FirewallD is not running`. Do you know what to do? If I start FirewallD with `systemctl start firewalld`, it will be the same thing and I won't be able to connect again. So I have to enable SSH (and HTTP/HTTPS for extra) before I start it. But since it isn't running, I cannot enable SSH. An interesting paradox. – tatoline Nov 24 '20 at 10:18
0

Open the file below: `vi /usr/sbin/firewalld`

```
#!/usr/bin/python2.7 -Es
# -*- coding: utf-8 -*-
```

Note: if your Python version is only python or another version, then rename it python2.7.

Then run `systemctl start firewalld`.

0

I had the same problem, but this is what solved it for me.

Once you install firewalld, DO NOT enable it via `systemctl enable firewalld`.

After installing, run `systemctl start firewalld` and then add ssh and the other zones:

```
sudo firewall-cmd --permanent --zone=public --add-service=http
sudo firewall-cmd --permanent --zone=public --add-service=https
sudo firewall-cmd --permanent --zone=public --add-service=ssh
sudo firewall-cmd --reload
```

At the end, when everything is done and all your zones are correct, run `systemctl enable firewalld`.
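The ordering problem raised in the comments above (`firewall-cmd` refuses to add rules while firewalld is stopped, and starting it first risks the lockout) can be avoided with `firewall-offline-cmd`, which edits the permanent configuration without the daemon running. The script below is an added example, not part of any answer on this page: it writes the rules offline, refuses to start firewalld unless the zone file really admits SSH, and schedules an automatic stop in case the new session still fails. The `public` zone, the optional SSH port argument, the root-prefix parameter and the `fw-rollback` unit name are assumptions.

```shell
#!/bin/sh
# Added example (not from the original posts). Zone name, SSH port and the
# fw-rollback unit name are assumptions; the paths are firewalld's standard ones.

# Print the zone file firewalld will load; /etc overrides /usr/lib.
# $1 = zone name, $2 = optional root prefix (hypothetical, for dry runs)
zone_file() {
    for d in "${2:-}/etc/firewalld/zones" "${2:-}/usr/lib/firewalld/zones"; do
        [ -f "$d/$1.xml" ] && { echo "$d/$1.xml"; return 0; }
    done
    return 1
}

# Succeed only if the zone file admits SSH on TCP port $2.
# The stock "ssh" service covers 22/tcp only; other ports need a <port> entry.
zone_allows_ssh() {
    if [ "$2" = 22 ] && grep -Eq '<service[[:space:]]+name="ssh"[[:space:]]*/>' "$1"; then
        return 0
    fi
    grep -Eq "<port[[:space:]]+(protocol=\"tcp\"[[:space:]]+port=\"$2\"|port=\"$2\"[[:space:]]+protocol=\"tcp\")[[:space:]]*/>" "$1"
}

# Usage (as root): sh fw-safe-start.sh --apply [sshd-port]
if [ "${1:-}" = "--apply" ]; then
    zone=public
    port=${2:-22}
    # firewall-offline-cmd writes the permanent config while the daemon is stopped.
    for svc in http https ssh; do
        firewall-offline-cmd --zone="$zone" --add-service="$svc"
    done
    [ "$port" = 22 ] || firewall-offline-cmd --zone="$zone" --add-port="$port/tcp"

    f=$(zone_file "$zone") && zone_allows_ssh "$f" "$port" || {
        echo "refusing to start firewalld: $zone does not allow SSH on $port/tcp" >&2
        exit 1
    }
    # Dead-man switch: stop firewalld again in 5 minutes unless cancelled.
    systemd-run --on-active=5min --unit=fw-rollback systemctl stop firewalld
    systemctl start firewalld
    echo "Open a NEW SSH session. If it connects, run:"
    echo "  systemctl stop fw-rollback.timer && systemctl enable firewalld"
fi
```

Keep the existing session open while testing the new one; if the new connection fails, the timer stops firewalld again and access returns without console help.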