Starting a Cloud Server Firewall without blocking the Web Console
Problem: Installing and starting a Firewall will stop the Web Console from working.
This problem is caused by the Firewall blocking port 31297 by default. This port is needed for the Web Console to work properly. After installing and starting the firewall, your Web Console will freeze and not accept any new input. If you refresh the page or start a lab server with it blocked, the Web Console will only show the loading screen (pictured below)
Avoiding the Problem:
To avoid encountering the problem, you can start and add the port for the Web Console all in one command. This makes sure you do not have any issues when starting the firewall. See below for how to do this with Firewalld and UFW. Firewalld is common for CentOS 7 and Red Hat 7 servers. UFW is common for Ubuntu distributions.
All the below commands must be run as root
systemctl start firewalld && firewall-cmd --add-port 31297/tcp --permanent && firewall-cmd --reload
UFW is a little different than Firewalld in that after the service is started, the firewall itself is not enabled. This means you can run the commands in separate entries instead of all at once.
Start by making sure the firewall service is running. This is slightly different depending on the version of Ubuntu:
systemctl start ufw
service ufw start
Then add the port for the web console to the firewall. It is generally also recommended to add port 22 for regular ssh at this point as well:
ufw allow 31297
ufw allow 22
Finally, enable the firewall to start protecting your server: