firewalld manages access to the ssh service, so changing SSH port in sshd_config might need to also be done in firewalld

Enable access via HTTP & HTTPS

sudo systemctl enable firewalld
sudo systemctl start firewalld
sudo firewall-cmd --zone=public --add-service=http
sudo firewall-cmd --zone=public --add-service=https
sudo firewall-cmd --reload

(opens in a new tab)

Failed to start firewalld.service: Unit is masked.

sudo systemctl unmask firewalld

Failed to start firewalld service unit is masked - How we fix it! (opens in a new tab)

WARNING: AllowZoneDrifting is enabled.

sudo vi /etc/firewalld/firewalld.conf
# Set AllowZoneDrifting to no

How to Fix "AllowZoneDrifting is enabled. This is considered an insecure configuration option..." (opens in a new tab)