Running CentOS 7
I’d like to make sure I understand the zones correctly and how this all functions.
My case is via firewalld to allow only a specific IP ssh access but allow the http https to go through normally
the default zone is public, so if I remove ssh access from there and all other zones, then on one zone allowing the ssh service and add the rich rules for my IP would that be the ideal setup for that and other services that I want to allow only from my IP?
Or do I have to specify the service in the rich-rule?
Also the How To Set Up a Firewall Using FirewallD on CentOS 7 tutorial referenced interfaces and I’m not seeing the eth0 eth1 as interfaces on any of the zones. (if I do remove a service from the default zone though, that access is removed) so I don’t think this is a problem and just something to note.
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
Hi @hdtroll
I don’t know much about FirewallD, but you need to move the ssh service to a different rule and create allowed sources on that - have a look at this:
https://serverfault.com/questions/680780/block-all-but-a-few-ips-with-firewalld#680789
Become a contributor for community
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
DigitalOcean Documentation
Full documentation for every DigitalOcean product.
Resources for startups and AI-native businesses
The Wave has everything you need to know about building a business, from raising funding to marketing your product.
The developer cloud
Scale up as you grow — whether you're running one virtual machine or ten thousand.
Get started for free
Sign up and get $200 in credit for your first 60 days with DigitalOcean.*
*This promotional offer applies to new accounts only.