≡ Menu

Linux Open Port 80 (HTTP Web Server Port)

I am new CentOS/RHEL 5.x/6.x user. How do I open port 80 (Apache Web Server) under Red Hat / CentOS / Fedora Linux?

The default configuration file for iptables based firewall on RHEL / CentOS / Fedora Linux is /etc/sysconfig/iptables for IPv4 based firewall. For IPv6 based firewall you need to edit /etc/sysconfig/ip6tablesfile.

Open this file using a text editor such as vi/vim or emacs:

Linux Open Port 80 (http)

# vi /etc/sysconfig/iptables
Append rule as follows rules on RHEL/CentOS version 5.x or older:
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
## Open 443 port i.e. HTTPS
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT

IF you are using RHEL/Centoa version 6.x or above, try:
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
## Open 443 port i.e. HTTPS
-A INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT

Save and close the file. Restart iptables service, enter:
# /etc/init.d/iptables restart

See “CentOS / Redhat Iptables Firewall Configuration Tutorial” for more information.

Share this tutorial on:

Your support makes a big difference:
I have a small favor to ask. More people are reading the nixCraft. Many of you block advertising which is your right, and advertising revenues are not sufficient to cover my operating costs. So you can see why I need to ask for your help. The nixCraft, takes a lot of my time and hard work to produce. If you use nixCraft, who likes it, helps me with donations:
Become a Supporter →    Make a contribution via Paypal/Bitcoin →   

Don't Miss Any Linux and Unix Tips

Get nixCraft in your inbox. It's free:

{ 20 comments… add one }
  • gabriel July 18, 2009, 6:34 pm

    I tried this and restarted the ipchains with service iptables restart

    but it will still not work.

    any ideas?

  • james stewart July 20, 2009, 9:10 am

    Thanks for this. Being used to debian/ubuntu I’d forgotten where to go when setting up a CentOS box.

    @gabriel – you might want to try moving the rule further up in the file. I put it as the last rule but that didn’t work. Moving it further up (in particular before “-A RH-Firewall-1-INPUT -j REJECT –reject-with icmp-host-prohibited”) seemed to do the trick.

  • Lance Olsen September 10, 2010, 7:01 pm

    This almost worked for me. Using -A was a problem however, because the rule needed to be insterted at the top because of other rules I had in place. If the above doesn’t work for you, use the following at the command line:

    iptables -I RH-Firewall-1-INPUT -m state –state NEW -m tcp -p tcp –dport 80 -j ACCEPT

    • sanjay February 17, 2011, 6:22 am

      Firstly Many thank you to you all…

      Awesome…and Great community on earth and heartily thank you again for all your time and expertise.

      I have used below and it works…

      iptables -I RH-Firewall-1-INPUT -m state –state NEW -m tcp -p tcp –dport 80 -j ACCEPT

  • milniki za sanitarije October 13, 2010, 12:58 pm

    Thank you for this one, I really needrf this for my Apache config :)

  • PHP Guru April 27, 2011, 6:29 am

    This is great and worked perfectly! Thank you for posting this. I was wondering if you know the way to do the same thing from the command line (without vi) so that it can be scripted. I found on some other blog

    iptables -A INPUT -p tcp --dport 80 -j ACCEPT 
    service iptables save

    but when I tried that it didn’t work and when I checked /etc/sysconfig/iptables there’s no rule for port 80 like I expected.

  • Soj August 26, 2011, 3:23 am

    I have used the following to open port 80 via iptables:

    iptables -A INPUT -p tcp -m state –state NEW,ESTABLISHED -j ACCEPT –dport 80

  • Amani Musomba February 8, 2012, 5:48 am

    I used the below commands to open port 443 via iptables from the command line.

    /sbin/iptables -A INPUT -m state –state NEW -p tcp –dport 443 -j ACCEPT
    /etc/init.d/iptables save
    /etc/init.d/iptables restart

    and it worked for me.

    • Pizzaroo February 22, 2012, 10:49 am

      thanks a lot buddy

  • David Kendall March 2, 2012, 4:08 pm

    Thank you. This worked perfectly for me.

  • Daniel S. March 21, 2012, 3:10 am

    Yeah make sure you don’t put that line at the very bottom. Thanks for the great suggestion!

  • Herznad April 17, 2012, 6:52 pm

    Hello i connect to my server feddora

    1. vi /etc/sysconfig/iptables
    2. -A RH-Firewall-1-INPUT -m state –state NEW -m tcp -p tcp –dport 27015 -j ACCEPT
    3. how to close them and how to save also i can’t how to back like cd what happening

    i dont know give mee a screen please how to save and exit from log beacuse i dont know how to exit i try everything exit he dosent do close ctrl + c nothing only x logout ???

  • Herznad April 17, 2012, 6:53 pm

    I Want to know step by step every words please steps please replay sir soon as you can step by step

    first user and pass to connect to my root server second what to do 3th 4th etc… i want to know :S:S:S

  • rafael July 13, 2012, 8:09 am

    Thank you!
    Don’t forget to save the rules!
    # service iptables save

  • John RK July 18, 2012, 8:33 am

    The following is working fine…execute all 6 command line scripts.
    ENV: Red Hat Enterprise Linux Server release 5.3 (Tikanga)
    Opening ports 80 & 443
    1. iptables -A INPUT -p tcp –dport 80 -j ACCEPT
    2. iptables -A INPUT -p tcp –dport 443 -j ACCEPT
    3. service iptables save
    4. /etc/init.d/iptables restart
    5. service ip6tables stop
    6. chkconfig ip6tables off

  • WallTearer September 14, 2012, 1:02 pm

    Thanks a lot!
    The following worked for me:
    add line:
    -A INPUT -p tcp -m tcp –dport 80 -j ACCEPT
    in the file:
    and then restart iptables by:
    /etc/init.d/iptables restart

  • srihari October 31, 2012, 3:21 am

    thank you all. it helped me.

  • Shamsul Haque February 19, 2013, 5:27 pm

    Thanks a lot buddy. Its really a nice post.

  • Jared Chiddix February 15, 2014, 11:49 am

    1. iptables -A INPUT -p tcp –dport 80 -j ACCEPT
    2. iptables -A INPUT -p tcp –dport 443 -j ACCEPT
    3. service iptables save
    4. /etc/init.d/iptables restart
    5. service ip6tables stop
    6. chkconfig ip6tables off

  • dxman February 18, 2014, 6:19 am

    m one Hundred Ten % Sure that this website will make me complete System Administrator

Leave a Comment

You can use these HTML tags and attributes: <strong> <em> <pre> <code> <a href="" title="">

   Tagged with: , , , , , , , ,