{"id":13333,"date":"2025-12-20T10:31:04","date_gmt":"2025-12-20T05:01:04","guid":{"rendered":"https:\/\/www.youstable.com\/blog\/?p=13333"},"modified":"2025-12-20T10:31:07","modified_gmt":"2025-12-20T05:01:07","slug":"how-to-setup-firewalld-on-linux-server","status":"publish","type":"post","link":"https:\/\/www.youstable.com\/blog\/how-to-setup-firewalld-on-linux-server","title":{"rendered":"How to Setup FirewallD on Linux Server &#8211; Step by Step Guide"},"content":{"rendered":"\n<p><strong>To set up FirewallD on a Linux server<\/strong>, install the firewalld package, enable and start the service, select a default zone, allow required services or ports, make rules permanent, and reload. Verify with firewall-cmd &#8211;list-all. This provides a stateful, zone-based firewall using nftables under the hood on most modern distributions.<\/p>\n\n\n\n<p>If you\u2019re wondering how to setup FirewallD on Linux server environments the right way, this guide walks you through a secure, beginner-friendly process with real-world examples. You\u2019ll learn zones, runtime vs. permanent rules, opening ports safely, NAT\/forwarding, logging, and best practices we use daily on production servers.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"what-is-firewalld-and-why-use-it\"><strong>What Is FirewallD and Why Use It?<\/strong><\/h2>\n\n\n\n<p>FirewallD is a dynamic, zone-based <a href=\"https:\/\/www.youstable.com\/blog\/configure-csf-firewall-on-linux\/\">firewall management service that configures Linux<\/a> kernel packet filters (nftables or iptables). It lets you change rules without dropping <a href=\"https:\/\/www.youstable.com\/blog\/error-establishing-database-connection\/\">established connections<\/a> and organizes rules by trust level (zones). Compared to static scripts, FirewallD is simpler, safer, and more adaptable to modern server workloads.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"prerequisites-and-supported-distributions\"><strong>Prerequisites and Supported Distributions<\/strong><\/h2>\n\n\n\n<p>You can run FirewallD on RHEL, AlmaLinux, Rocky Linux, CentOS Stream, Fedora, openSUSE, and Debian\/Ubuntu. On Ubuntu, UFW is common; you can use FirewallD instead (don\u2019t run both). You\u2019ll need:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Root or sudo access<\/li>\n\n\n\n<li><a href=\"https:\/\/www.youstable.com\/blog\/ssh-keys-vs-password-authentication\/\">SSH access to the server<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/www.youstable.com\/blog\/what-is-yum-on-linux-server\/\">Package manager<\/a> connectivity (dnf\/yum\/apt)<\/li>\n\n\n\n<li>List of ports\/services your applications require<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"install-firewalld\"><strong>Install FirewallD<\/strong><\/h2>\n\n\n\n<p>Use your system\u2019s package manager to <a href=\"https:\/\/www.youstable.com\/blog\/install-firewalld-on-linux\/\">install firewalld<\/a> and its CLI tool firewall-cmd.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># RHEL 8\/9, AlmaLinux, Rocky, CentOS Stream, Fedora\nsudo dnf install -y firewalld\n\n# Older RHEL\/CentOS\nsudo <a href=\"https:\/\/www.youstable.com\/blog\/install-yum-on-linux\/\">yum install<\/a> -y firewalld\n\n# Debian\/Ubuntu\nsudo apt update\nsudo apt install -y firewalld<\/code><\/pre>\n\n\n\n<p>On Ubuntu, disable UFW first to avoid conflicts:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo ufw disable<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"enable-and-start-the-service\"><strong>Enable and Start the Service<\/strong><\/h2>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo systemctl enable --now firewalld\nsudo systemctl status firewalld\nfirewall-cmd --state   # should show \"running\"<\/code><\/pre>\n\n\n\n<p>Tip: Take a quick backup of your configuration before major changes:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo cp -a \/etc\/firewalld \/root\/firewalld-backup-$(date +%F)<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"understand-zones-and-runtime-vs-permanent\"><strong>Understand Zones and Runtime vs Permanent<\/strong><\/h2>\n\n\n\n<p>Zones define trust levels. Common ones are public (default), home, work, internal, trusted, and drop. Assign interfaces or source networks to a zone, then add allowed services\/ports within that zone.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Runtime rules: Active immediately but lost after reboot\/restart.<\/li>\n\n\n\n<li>Permanent rules: Persist across restarts. Run \u201c&#8211;permanent\u201d and then reload.<\/li>\n<\/ul>\n\n\n\n<pre class=\"wp-block-code\"><code># Show default zone and active zones\nfirewall-cmd --get-default-zone\nfirewall-cmd --get-active-zones\n\n# Set default zone (typical)\nsudo firewall-cmd --set-default-zone=public\n\n# Assign interface to zone (replace eth0)\nsudo firewall-cmd --zone=public --add-interface=eth0\nsudo firewall-cmd --zone=public --permanent --add-interface=eth0\nsudo firewall-cmd --reload<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"quick-start-open-essential-services-safely\"><strong>Quick Start: Open Essential Services Safely<\/strong><\/h2>\n\n\n\n<p>Always ensure SSH stays open to avoid lockout. Then allow your web stack (HTTP\/HTTPS) and anything else your application needs.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># Allow SSH, HTTP, HTTPS on default zone (runtime)\nsudo firewall-cmd --add-service=ssh\nsudo firewall-cmd --add-service=http\nsudo firewall-cmd --add-service=https\n\n# Make it permanent and reload\nsudo firewall-cmd --permanent --add-service=ssh\nsudo firewall-cmd --permanent --add-service=http\nsudo firewall-cmd --permanent --add-service=https\nsudo firewall-cmd --reload<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"allow-by-service-vs-port\"><strong>Allow by Service vs. Port<\/strong><\/h3>\n\n\n\n<p>Prefer services (they track port\/protocol changes via definitions) but ports are fine for custom apps.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># Service-based (preferred)\nsudo firewall-cmd --permanent --add-service=mysql\n\n# Port-based (example custom TCP 8080)\nsudo firewall-cmd --permanent --add-port=8080\/tcp\nsudo firewall-cmd --reload<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"set-a-stricter-default-zone-optional\"><strong>Set a Stricter Default Zone (Optional)<\/strong><\/h3>\n\n\n\n<p>For hardened hosts, consider \u201cdrop\u201d as the default and explicitly allow traffic only where needed. Just confirm <a href=\"https:\/\/www.youstable.com\/blog\/how-to-enable-ssh-access-for-clients-or-users\/\">SSH access<\/a> first.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># Harden default stance\nsudo firewall-cmd --set-default-zone=drop\nsudo firewall-cmd --permanent --set-default-zone=drop\nsudo firewall-cmd --reload\n\n# Then explicitly allow SSH to prevent lockout\nsudo firewall-cmd --permanent --zone=drop --add-service=ssh\nsudo firewall-cmd --reload<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"common-firewalld-configurations\"><strong>Common FirewallD Configurations<\/strong><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"allow-only-a-specific-source-ip-whitelisting\"><strong>Allow Only a Specific Source IP (Whitelisting)<\/strong><\/h3>\n\n\n\n<p>Use rich rules to restrict access (great for admin panels or databases).<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># Allow SSH only from 203.0.113.10\nsudo firewall-cmd --permanent --add-rich-rule='rule family=\"ipv4\" source address=\"203.0.113.10\" service name=\"ssh\" accept'\nsudo firewall-cmd --reload<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"port-ranges-and-protocols\"><strong>Port Ranges and Protocols<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code># Open TCP ports 3000-3010\nsudo firewall-cmd --permanent --add-port=3000-3010\/tcp\nsudo firewall-cmd --reload<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"masquerading-and-port-forwarding-nat\"><strong>Masquerading and Port Forwarding (NAT)<\/strong><\/h3>\n\n\n\n<p>For NAT gateways or containers behind a host, enable masquerade and optionally forward ports.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># Enable masquerading on public zone\nsudo firewall-cmd --zone=public --permanent --add-masquerade\n\n# Forward TCP 8080 on the host to 192.168.1.10:80\nsudo firewall-cmd --zone=public --permanent \\\n  --add-forward-port=port=8080:proto=tcp:toaddr=192.168.1.10:toport=80\n\nsudo firewall-cmd --reload<\/code><\/pre>\n\n\n\n<p>Ensure your server\u2019s routing and IP forwarding are configured if acting as a gateway.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"control-icmp-ping-and-diagnostics\"><strong>Control ICMP (Ping) and Diagnostics<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code># Block ping requests\nsudo firewall-cmd --permanent --add-icmp-block=echo-request\nsudo firewall-cmd --reload\n\n# Re-allow ping\nsudo firewall-cmd --permanent --remove-icmp-block=echo-request\nsudo firewall-cmd --reload<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"panic-mode-and-lockdown-use-with-care\"><strong>Panic Mode and Lockdown (Use with Care)<\/strong><\/h3>\n\n\n\n<p>Panic mode drops all incoming and outgoing packets; lockdown restricts which local processes can adjust FirewallD. Use only when you know the impact.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># Panic\nsudo firewall-cmd --panic-on\nsudo firewall-cmd --panic-off\n\n# Lockdown\nsudo firewall-cmd --lockdown-on\nsudo firewall-cmd --lockdown-off<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"verify-and-test-your-rules\"><strong>Verify and Test Your Rules<\/strong><\/h2>\n\n\n\n<pre class=\"wp-block-code\"><code># Inspect active zone and rules\nfirewall-cmd --list-all\nfirewall-cmd --zone=public --list-all\n\n# List services and ports specifically\nfirewall-cmd --list-services\nfirewall-cmd --list-ports\n\n# Show all available services and details\nfirewall-cmd --get-services\nfirewall-cmd --info-service=http<\/code><\/pre>\n\n\n\n<p>From a remote machine, test connectivity with curl, nc (netcat), or nmap. Always validate both IPv4 and IPv6 if your server has dual-stack networking.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"logging-and-auditing\"><strong>Logging and Auditing<\/strong><\/h2>\n\n\n\n<p>Enable logging for denied packets during hardening or incident response.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># Enable runtime logging of denied packets\nsudo firewall-cmd --set-log-denied=all\n\n# Make it persistent (supported on modern versions)\nsudo firewall-cmd --permanent --set-log-denied=all\nsudo firewall-cmd --reload\n\n# View logs\nsudo journalctl -u firewalld -e\nsudo journalctl -k | grep -i 'denied'<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"security-best-practices-we-use-in-production\"><strong>Security Best Practices We Use in Production<\/strong><\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Least privilege: Open only the ports you need; prefer service definitions.<\/li>\n\n\n\n<li>Restrict admin access: Whitelist SSH to office\/VPN IPs; consider a non-standard SSH port plus key-based auth.<\/li>\n\n\n\n<li>Separate zones: Put public NICs in public; private subnets in internal\/home zones.<\/li>\n\n\n\n<li>Dual-stack awareness: Mirror IPv4 rules for IPv6 or explicitly control IPv6 exposure.<\/li>\n\n\n\n<li>Permanent + reload: After testing runtime, make rules permanent and reload instead of restarting.<\/li>\n\n\n\n<li>Change control: Backup configs and document rule changes for audits.<\/li>\n\n\n\n<li>Layered security: Complement FirewallD with Fail2ban, SELinux, and WAF\/CDN where appropriate.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"troubleshooting-checklist\"><strong>Troubleshooting Checklist<\/strong><\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Is Firewalld running? firewall-cmd &#8211;state<\/li>\n\n\n\n<li>Any syntax errors? firewall-cmd &#8211;check-config<\/li>\n\n\n\n<li>What\u2019s active? firewall-cmd &#8211;get-active-zones and &#8211;list-all<\/li>\n\n\n\n<li>Service up and listening? ss -tulpn | grep :PORT<\/li>\n\n\n\n<li>Backend rules applied? sudo nft list ruleset | less<\/li>\n\n\n\n<li>Logs show denials? journalctl -u firewalld -e<\/li>\n\n\n\n<li>Other firewall conflicts? Ensure UFW\/other tools are disabled.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"automation-and-persistence-tips\"><strong>Automation and Persistence Tips<\/strong><\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Always apply changes with &#8211;permanent and then run sudo firewall-cmd &#8211;reload.<\/li>\n\n\n\n<li>Use Ansible or scripts for reproducible environments (e.g., ansible.posix.firewalld module).<\/li>\n\n\n\n<li>For interface-to-zone persistence, set both runtime and permanent, then reload.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"firewalld-vs-ufw-vs-raw-nftables\"><strong>FirewallD vs. UFW vs. Raw nftables<\/strong><\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>FirewallD: Best for RHEL\/Fedora ecosystems; dynamic, zone-based, integrates with services.<\/li>\n\n\n\n<li>UFW: Simple on Ubuntu; great for basic allow\/deny scenarios.<\/li>\n\n\n\n<li>nftables directly: Maximum control and performance; steeper learning curve.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"when-managed-help-makes-sense\"><strong>When Managed Help Makes Sense<\/strong><\/h2>\n\n\n\n<p>If you prefer a hands-off setup, managed VPS and dedicated servers from YouStable include production-ready firewall baselines, monitoring, and quick remediation. That means fewer outages and faster rollouts when you need new ports or secure staging environments.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"faqs-firewalld-on-linux-server\"><strong>FAQs: FirewallD on Linux Server<\/strong><\/h2>\n\n\n<div id=\"rank-math-faq\" class=\"rank-math-block\">\n<div class=\"rank-math-list \">\n<div id=\"faq-question-1765795297381\" class=\"rank-math-list-item\">\n<h3 class=\"rank-math-question \" class=\"rank-math-question \" id=\"how-do-i-permanently-open-a-port-in-firewalld\"><strong>How do I permanently open a port in FirewallD?<\/strong><\/h3>\n<div class=\"rank-math-answer \">\n\n<p>Use the &#8211;permanent flag and reload. Example: sudo firewall-cmd &#8211;permanent &#8211;add-port=9090\/tcp &amp;&amp; sudo firewall-cmd &#8211;reload. Prefer service names when available, such as sudo firewall-cmd &#8211;permanent &#8211;add-service=http.<\/p>\n\n<\/div>\n<\/div>\n<div id=\"faq-question-1765795306215\" class=\"rank-math-list-item\">\n<h3 class=\"rank-math-question \" class=\"rank-math-question \" id=\"whats-the-difference-between-runtime-and-permanent-rules\"><strong>What\u2019s the difference between runtime and permanent rules?<\/strong><\/h3>\n<div class=\"rank-math-answer \">\n\n<p>Runtime rules apply immediately but disappear after a restart. Permanent rules survive restarts. After adding permanent rules, run sudo firewall-cmd &#8211;reload to activate them without dropping existing connections.<\/p>\n\n<\/div>\n<\/div>\n<div id=\"faq-question-1765795313547\" class=\"rank-math-list-item\">\n<h3 class=\"rank-math-question \" class=\"rank-math-question \" id=\"how-do-i-see-which-zone-my-interface-uses\"><strong>How do I see which zone my interface uses?<\/strong><\/h3>\n<div class=\"rank-math-answer \">\n\n<p>Run firewall-cmd &#8211;get-active-zones. To assign an interface, use sudo firewall-cmd &#8211;zone=public &#8211;add-interface=eth0 and make it permanent with &#8211;permanent followed by sudo firewall-cmd &#8211;reload.<\/p>\n\n<\/div>\n<\/div>\n<div id=\"faq-question-1765795358997\" class=\"rank-math-list-item\">\n<h3 class=\"rank-math-question \" class=\"rank-math-question \" id=\"can-i-use-firewalld-on-ubuntu-instead-of-ufw\"><strong>Can I use FirewallD on Ubuntu instead of UFW?<\/strong><\/h3>\n<div class=\"rank-math-answer \">\n\n<p>Yes. Install with sudo apt install firewalld, disable UFW with sudo ufw disable, then enable firewalld (sudo systemctl enable &#8211;now firewalld). Avoid running both tools at the same time to prevent conflicts.<\/p>\n\n<\/div>\n<\/div>\n<div id=\"faq-question-1765795365748\" class=\"rank-math-list-item\">\n<h3 class=\"rank-math-question \" class=\"rank-math-question \" id=\"how-do-i-log-blocked-packets\"><strong>How do I log blocked packets?<\/strong><\/h3>\n<div class=\"rank-math-answer \">\n\n<p>Enable denied logging with sudo firewall-cmd &#8211;set-log-denied=all and, on supported versions, make it persistent using &#8211;permanent. View events in sudo journalctl -u firewalld or kernel logs with sudo journalctl -k.<\/p>\n\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"final-thoughts\"><strong>Final Thoughts<\/strong><\/h2>\n\n\n\n<p>Learning FirewallD once pays off for every Linux server you manage. Start with a safe default zone, open only what you need, make changes permanent, and verify rigorously. With these steps and examples, you can confidently deploy, scale, and secure your workloads on day one.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>To set up FirewallD on a Linux server, install the firewalld package, enable and start the service, select a default [&hellip;]<\/p>\n","protected":false},"author":13,"featured_media":15490,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[350],"tags":[],"class_list":["post-13333","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-knowledgebase"],"acf":[],"featured_image_src":"https:\/\/www.youstable.com\/blog\/wp-content\/uploads\/2025\/12\/How-to-Setup-FirewallD-on-Linux-Server.jpg","author_info":{"display_name":"Prahlad Prajapati","author_link":"https:\/\/www.youstable.com\/blog\/author\/prahladblog"},"_links":{"self":[{"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/posts\/13333","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/users\/13"}],"replies":[{"embeddable":true,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/comments?post=13333"}],"version-history":[{"count":3,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/posts\/13333\/revisions"}],"predecessor-version":[{"id":15491,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/posts\/13333\/revisions\/15491"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/media\/15490"}],"wp:attachment":[{"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/media?parent=13333"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/categories?post=13333"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/tags?post=13333"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}