To run services (web server, mail, database), you need to open the corresponding ports in the firewall. Below are instructions for iptables, ufw, and firewalld.
Applies to:
✔ VPS
✔ Dedicated servers
✔ Linux (Ubuntu, Debian, CentOS, AlmaLinux)
ufw status 2>/dev/null || firewall-cmd --state 2>/dev/null || echo "iptables"
Open a TCP port:
ufw allow 8080/tcp
Open a UDP port:
ufw allow 51820/udp
Open a port range:
ufw allow 3000:3100/tcp
Open a port for a specific IP only:
ufw allow from 1.2.3.4 to any port 3306
Check rules:
ufw status numbered
Open a port (permanently):
firewall-cmd --permanent --add-port=8080/tcp
firewall-cmd --reload
Open a service:
firewall-cmd --permanent --add-service=http
firewall-cmd --reload
Check:
firewall-cmd --list-all
Open a TCP port:
iptables -A INPUT -p tcp --dport 8080 -j ACCEPT
Open a UDP port:
iptables -A INPUT -p udp --dport 51820 -j ACCEPT
Open a port for a specific IP:
iptables -A INPUT -p tcp -s 1.2.3.4 --dport 3306 -j ACCEPT
Save rules (Ubuntu/Debian):
apt install iptables-persistent -y
netfilter-persistent save
CentOS:
service iptables save
Check rules:
iptables -L -n --line-numbers
| Port | Service |
| 22 | SSH |
| 80 | HTTP |
| 443 | HTTPS |
| 3306 | MySQL |
| 5432 | PostgreSQL |
| 1500 | ISPmanager |
| 8888 | FastPanel |
| 3389 | RDP |
From another computer:
nc -zv SERVER_IP PORT
On the server, verify the port is listening:
ss -tlnp | grep PORT
Do not open database ports (3306, 5432) to all IPs unless necessary. Restrict access to specific addresses. If you need help configuring the firewall, open a support ticket.
