How to Disable CentOS Firewall & Suexec

Updated April 17, 2017

If you're running a CentOS Linux server, deactivating the machine's firewall on and off can help make remote diagnostics and configuration easier. Apache suEXEC allows you to run your web processes as a user other than the default; disabling it ensures that all web processes are active under a single user. Knowing how to manipulate and configure the settings of your CentOS Linux server gives you more control over its behaviour and is a crucial part of network management.

Log into your CentOS machine as the root user. You must be the root user to disable the firewall and suEXEC.

Type "service iptables save" into the command line and press "Enter."

Type "service iptables stop" into the command line and press "Enter." The firewall will deactivate.

Type "chkconfig iptables off" into the command line and press "Enter." The firewall will no longer activate at start-up.

Type "cd /usr/local/apache/sbin" and press "Enter" to navigate to the directory containing the suEXEC configuration file.

Type "rm suexec" and press "Enter" to delete the suEXEC configuration file. If you want to temporarily disable suEXEC, type "mv suexec OFFsuexec" and press "Enter" to change the name of the configuration file. Restore your suEXEC configuration file by typing "mv OFFsuexec suexec" and pressing "Enter."

Restart the server to ensure all changes are applied. Type "shutdown -r now" and press "Enter" to reboot the server.


If you are running an IPv6 firewall, type "ip6tables" instead of "iptables" in steps 2, 3, and 4 to disable the firewall.


Use the "rm suexec" command in step 6 only if you want to permanently disable suEXEC on the server. Once the file is removed, you will need to create a new suEXEC configuration file to use the service again.

Things You'll Need

  • Root privileges
Cite this Article A tool to create a citation to reference this article Cite this Article

About the Author

William Nagel is a graduate of the Georgia Institute of Technology, where he studied science, technology and culture. He has been writing since 2007 and specializes in computer hardware, operating systems and software documentation. His work has been published in the "North Avenue Review."