{"id":14335,"date":"2025-12-30T11:22:21","date_gmt":"2025-12-30T05:52:21","guid":{"rendered":"https:\/\/www.youstable.com\/blog\/?p=14335"},"modified":"2025-12-30T11:22:24","modified_gmt":"2025-12-30T05:52:24","slug":"how-to-monitor-secure-firewalld-on-linux-server","status":"publish","type":"post","link":"https:\/\/www.youstable.com\/blog\/how-to-monitor-secure-firewalld-on-linux-server","title":{"rendered":"How to Monitor &amp; Secure FirewallD on Linux Server &#8211; Easy Guide"},"content":{"rendered":"\n<p><strong>To monitor and secure FirewallD<\/strong> on a Linux server, verify its status, set a least-privilege baseline with zones and services, enable logging for denied packets, and automate alerts and bans with tools like Fail2Ban. Use firewall-cmd to list, audit, and harden rules, then continuously review logs and update policies for evolving threats.<\/p>\n\n\n\n<p>FirewallD on Linux server environments is the first line of defense for your public-facing applications. In this guide, you\u2019ll learn how to monitor FirewallD activity, audit rules, and harden configurations using practical commands and safe workflows. We\u2019ll cover logging, rich rules, rate limiting, Fail2Ban integration, and ongoing security hygiene.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"what-is-firewalld-and-why-it-matters\"><strong>What is FirewallD and Why it Matters<\/strong>?<\/h2>\n\n\n\n<p>FirewallD is a dynamic host firewall that <a href=\"https:\/\/www.youstable.com\/blog\/snmp-port\/\">manages network<\/a> rules through zones and services. On modern RHEL, Rocky, AlmaLinux, and Fedora, it uses the <a href=\"https:\/\/www.youstable.com\/blog\/fix-ufw-on-linux\/\">nftables backend<\/a>. It lets you change policies without dropping connections, making it ideal for production servers that require continuous uptime and strong security.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"key-concepts-zones-services-runtime-vs-permanent\"><strong>Key Concepts: Zones, Services, Runtime vs. Permanent<\/strong><\/h2>\n\n\n\n<p>Zones group interfaces and sources by trust level (for example, public, internal, trusted). Services are pre-defined rule sets (like ssh, http, https) mapped to ports and protocols.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Runtime:<\/strong> Immediate changes; lost at reboot or reload unless saved.<\/li>\n\n\n\n<li><strong>Permanent:<\/strong> Saved to disk; applied on reload or reboot.<\/li>\n\n\n\n<li><strong>Best practice:<\/strong> Build in permanent, test in runtime, then reload to persist.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"prerequisites-and-safe-change-process\"><strong>Prerequisites and Safe Change Process<\/strong><\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Have console access or out-of-band management before changing SSH rules.<\/li>\n\n\n\n<li>Know your default zone and active interfaces.<\/li>\n\n\n\n<li>Whitelist your admin IPs for SSH before tightening policies.<\/li>\n\n\n\n<li>Plan a maintenance window for reloads on critical systems.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"verify-firewalld-status-and-baseline\"><strong>Verify FirewallD Status and Baseline<\/strong><\/h2>\n\n\n\n<p>Start by confirming <a href=\"https:\/\/www.youstable.com\/blog\/install-firewalld-on-linux\/\">FirewallD is installed<\/a>, active, and which zone is in use. This sets your monitoring baseline and avoids accidental lockouts.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo systemctl status firewalld\nsudo firewall-cmd --state\nsudo firewall-cmd --get-default-zone\nsudo firewall-cmd --get-active-zones\nsudo firewall-cmd --list-all<\/code><\/pre>\n\n\n\n<p>If you\u2019re on a distro that defaults to another firewall (for example, Ubuntu\u2019s UFW), use one firewall service at a time to prevent conflicts.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"build-a-secure-baseline-policy\"><strong>Build a Secure Baseline Policy<\/strong><\/h2>\n\n\n\n<p>Your goal is least privilege: allow only what the server needs. For a typical web server, that\u2019s SSH for admin access and HTTP\/HTTPS for visitors.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"set-the-default-zone-and-allow-required-services\"><strong>Set the Default Zone and Allow Required Services<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code># Set default zone to \"public\" and allow core services\nsudo firewall-cmd --permanent --set-default-zone=public\nsudo firewall-cmd --permanent --zone=public --add-service=ssh\nsudo firewall-cmd --permanent --zone=public --add-service=http\nsudo firewall-cmd --permanent --zone=public --add-service=https\n\n# Optional: open a specific port (e.g., PostgreSQL 5432)\nsudo firewall-cmd --permanent --zone=public --add-port=5432\/tcp\n\n# Apply changes\nsudo firewall-cmd --reload\n\n# Verify\nsudo firewall-cmd --list-all<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"lock-down-ssh-to-known-ips-recommended\"><strong>Lock Down SSH to Known IPs (Recommended)<\/strong><\/h3>\n\n\n\n<p>Restricting <a href=\"https:\/\/www.youstable.com\/blog\/what-is-fail2ban-on-linux-server\/\">SSH by source IP radically reduces brute-force<\/a> risk. Use rich rules to allow SSH only from trusted addresses.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># Allow SSH only from admin IPs\nsudo firewall-cmd --permanent --zone=public \\\n  --add-rich-rule='rule family=ipv4 source address=203.0.113.10 service name=\"ssh\" accept'\nsudo firewall-cmd --permanent --zone=public \\\n  --add-rich-rule='rule family=ipv6 source address=2001:db8::\/64 service name=\"ssh\" accept'\n\n# Optionally drop SSH for everyone else (place after accepts)\nsudo firewall-cmd --permanent --zone=public \\\n  --add-rich-rule='rule service name=\"ssh\" drop'\n\nsudo firewall-cmd --reload\nsudo firewall-cmd --list-rich-rules<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"monitor-firewalld-activity-and-logs\"><strong>Monitor FirewallD Activity and Logs<\/strong><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"enable-logging-for-denied-packets\"><strong>Enable Logging for Denied Packets<\/strong><\/h3>\n\n\n\n<p>Enable log-denied to see rejected traffic. This is essential for monitoring, alerting, and incident response.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># Enable logging (options: off, all, unicast, broadcast, multicast)\nsudo firewall-cmd --set-log-denied=all\nsudo firewall-cmd --get-log-denied\n\n# Tail recent firewall logs\nsudo journalctl -u firewalld -f<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"read-and-filter-logs-effectively\"><strong>Read and Filter Logs Effectively<\/strong><\/h3>\n\n\n\n<p>FirewallD writes to systemd-journald. Use journalctl to query time ranges or grep for noise-free analysis.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># Last hour of FirewallD logs\nsudo journalctl -u firewalld --since \"1 hour ago\"\n\n# Kernel-level drops (network stack)\nsudo journalctl -k | grep -i \"IN=\"\n\n# Summarize hits for a specific port (e.g., SSH)\nsudo journalctl -k | grep -i \"DPT=22\" | awk '{print $NF}' | sort | uniq -c | sort -nr | head<\/code><\/pre>\n\n\n\n<p>On RHEL 8+\/Rocky\/AlmaLinux\/Fedora, FirewallD uses nftables. Avoid editing nft rules directly; manage rules with firewall-cmd to keep the configuration consistent.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"automated-alerts-and-bans-with-fail2ban\"><strong>Automated Alerts and Bans with Fail2Ban<\/strong><\/h2>\n\n\n\n<p>Fail2Ban reads service logs (for example, SSH auth failures) and uses FirewallD to block abusive IPs automatically. This is a proven way to reduce brute-force noise and safeguard server resources.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># <a href=\"https:\/\/www.youstable.com\/blog\/install-fail2ban-on-linux\/\">Install fail2ban<\/a> (RHEL\/Rocky\/AlmaLinux\/Fedora)\nsudo dnf install -y fail2ban\n\n# Basic jail for SSH using FirewallD rich rules\nsudo tee \/etc\/fail2ban\/jail.local &gt;\/dev\/null &lt;&lt;'EOF'\n&#91;DEFAULT]\nbantime = 1h\nfindtime = 10m\nmaxretry = 5\nbackend = systemd\nbanaction = firewallcmd-rich-rules\n\n&#91;sshd]\nenabled = true\nEOF\n\nsudo systemctl enable --now fail2ban\nsudo fail2ban-client status\nsudo fail2ban-client status sshd<\/code><\/pre>\n\n\n\n<p>Monitor bans with <code>fail2ban-client status sshd<\/code>. If you operate multiple services (Postfix, Dovecot, Nginx), <a href=\"https:\/\/www.youstable.com\/blog\/se-firewalld-on-linux\/\">enable their jails and use banaction = firewallcmd-rich-rules for cohesive FirewallD<\/a> enforcement.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"advanced-hardening-with-rich-rules\"><strong>Advanced Hardening with Rich Rules<\/strong><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"rate-limit-ssh-to-throttle-brute-force\"><strong>Rate-Limit SSH to Throttle Brute Force<\/strong><\/h3>\n\n\n\n<p>Rate limiting complements Fail2Ban. The following rule allows up to 10 connections per minute to SSH; excess attempts are dropped. Adjust to your environment and legitimate usage patterns.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># Rate-limit SSH globally\nsudo firewall-cmd --permanent --add-rich-rule='rule service name=\"ssh\" limit value=\"10\/m\" accept'\nsudo firewall-cmd --permanent --add-rich-rule='rule service name=\"ssh\" drop'\nsudo firewall-cmd --reload<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"block-known-bad-ips-and-subnets\"><strong>Block Known-Bad IPs and Subnets<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code># Block a single <a href=\"https:\/\/www.youstable.com\/blog\/ipv4-address-classes\/\">IPv4 address<\/a>\nsudo firewall-cmd --permanent --add-rich-rule='rule family=ipv4 source address=198.51.100.23 drop'\n\n# Block an IPv4 subnet\nsudo firewall-cmd --permanent --add-rich-rule='rule family=ipv4 source address=198.51.100.0\/24 drop'\n\n# Block an IPv6 subnet\nsudo firewall-cmd --permanent --add-rich-rule='rule family=ipv6 source address=2001:db8:bad::\/48 drop'\n\nsudo firewall-cmd --reload<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"panic-mode-and-lockdown-mode\"><strong>Panic Mode and Lockdown Mode<\/strong><\/h3>\n\n\n\n<p>Panic mode drops all incoming and outgoing traffic immediately\u2014useful during incidents. Lockdown mode restricts which local apps can modify the firewall, reducing tampering risk.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># Panic mode (emergency only)\nsudo firewall-cmd --panic-on\nsudo firewall-cmd --panic-off\n\n# Lockdown mode\nsudo firewall-cmd --lockdown-on\nsudo firewall-cmd --lockdown-off\n\n# Manage lockdown whitelist (XML or firewall-cmd helpers on newer versions)\n# \/etc\/firewalld\/lockdown-whitelist.xml<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"ongoing-maintenance-and-auditing\"><strong>Ongoing Maintenance and Auditing<\/strong><\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Audit rules regularly:<\/strong> <code>firewall-cmd --list-all<\/code> and <code>--list-rich-rules<\/code>.<\/li>\n\n\n\n<li><strong>Promote tested runtime changes to permanent:<\/strong> <code>firewall-cmd --runtime-to-permanent<\/code>.<\/li>\n\n\n\n<li><strong>Validate configs after edits: <\/strong><code>firewall-cmd --check-config<\/code>.<\/li>\n\n\n\n<li>Back up FirewallD configs from <code>\/etc\/firewalld\/<\/code>.<\/li>\n\n\n\n<li>Coordinate with cloud firewalls (AWS Security Groups, Azure NSGs, GCP VPC Firewall) to avoid mismatched rules.<\/li>\n\n\n\n<li>Review logs weekly; tighten rules based on denied traffic trends.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"common-mistakes-to-avoid\"><strong>Common Mistakes to Avoid<\/strong><\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Using iptables-services alongside FirewallD, causing conflicts. Choose one.<\/li>\n\n\n\n<li>Editing nftables directly instead of using firewall-cmd.<\/li>\n\n\n\n<li>Opening ports permanently without documenting purpose and owner.<\/li>\n\n\n\n<li>Forgetting to reload after permanent changes.<\/li>\n\n\n\n<li>Whitelisting 0.0.0.0\/0 for SSH; always restrict or use VPN\/bastion.<\/li>\n\n\n\n<li>Not enabling log-denied; you can\u2019t monitor what you don\u2019t log.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"real-world-example-harden-a-web-server-in-minutes\"><strong>Real World Example: Harden a Web Server in Minutes<\/strong><\/h2>\n\n\n\n<pre class=\"wp-block-code\"><code># 1) Confirm status and active zones\nsudo systemctl is-active firewalld &amp;&amp; sudo firewall-cmd --get-active-zones\n\n# 2) Allow only SSH (restricted), HTTP, HTTPS\nsudo firewall-cmd --permanent --zone=public --add-service=http\nsudo firewall-cmd --permanent --zone=public --add-service=https\nsudo firewall-cmd --permanent --zone=public \\\n  --add-rich-rule='rule family=ipv4 source address=203.0.113.10 service name=\"ssh\" accept'\nsudo firewall-cmd --permanent --zone=public \\\n  --add-rich-rule='rule service name=\"ssh\" drop'\n\n# 3) Enable denied logging and rate-limit SSH\nsudo firewall-cmd --set-log-denied=all\nsudo firewall-cmd --permanent --add-rich-rule='rule service name=\"ssh\" limit value=\"10\/m\" accept'\nsudo firewall-cmd --permanent --add-rich-rule='rule service name=\"ssh\" drop'\n\n# 4) Apply and verify\nsudo firewall-cmd --reload\nsudo firewall-cmd --list-all\nsudo firewall-cmd --list-rich-rules\n\n# 5) Watch logs\nsudo journalctl -u firewalld -f<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"faqs\"><strong>FAQ&#8217;s<\/strong><\/h2>\n\n\n<div id=\"rank-math-faq\" class=\"rank-math-block\">\n<div class=\"rank-math-list \">\n<div id=\"faq-question-1765951848601\" class=\"rank-math-list-item\">\n<h3 class=\"rank-math-question \" class=\"rank-math-question \" id=\"1-how-do-i-check-if-firewalld-is-running\">1. <strong>How do I check if FirewallD is running?<\/strong><\/h3>\n<div class=\"rank-math-answer \">\n\n<p>Use: <code>systemctl status firewalld<\/code> and <code>firewall-cmd --state<\/code>. If it\u2019s inactive, run <code>sudo systemctl enable --now firewalld<\/code>. Then verify zones and rules with <code>firewall-cmd --get-active-zones<\/code> and <code>--list-all<\/code>.<\/p>\n\n<\/div>\n<\/div>\n<div id=\"faq-question-1765951854369\" class=\"rank-math-list-item\">\n<h3 class=\"rank-math-question \" class=\"rank-math-question \" id=\"2-how-do-i-enable-logging-of-denied-packets-in-firewalld\">2. <strong>How do I enable logging of denied packets in FirewallD?<\/strong><\/h3>\n<div class=\"rank-math-answer \">\n\n<p>Run <code>sudo firewall-cmd --set-log-denied=all<\/code> to log all denied packets. View logs with <code>journalctl -u firewalld<\/code> or <code>journalctl -k<\/code>. You can switch to <code>unicast<\/code>, <code>broadcast<\/code>, or <code>multicast<\/code> to reduce noise.<\/p>\n\n<\/div>\n<\/div>\n<div id=\"faq-question-1765951865052\" class=\"rank-math-list-item\">\n<h3 class=\"rank-math-question \" class=\"rank-math-question \" id=\"3-whats-the-difference-between-runtime-and-permanent-in-firewalld\">3. <strong>What\u2019s the difference between runtime and permanent in FirewallD?<\/strong><\/h3>\n<div class=\"rank-math-answer \">\n\n<p>Runtime changes are immediate but temporary; they disappear after a reload or reboot. Permanent changes are saved to disk and applied after <code>firewall-cmd --reload<\/code>. Convert runtime changes with <code>firewall-cmd --runtime-to-permanent<\/code>.<\/p>\n\n<\/div>\n<\/div>\n<div id=\"faq-question-1765951874896\" class=\"rank-math-list-item\">\n<h3 class=\"rank-math-question \" class=\"rank-math-question \" id=\"4-how-do-i-allow-ssh-from-a-single-ip-address\">4. <strong>How do I allow SSH from a single IP address?<\/strong><\/h3>\n<div class=\"rank-math-answer \">\n\n<p>Use a rich rule: <code>sudo firewall-cmd --permanent --zone=public --add-rich-rule='rule family=ipv4 source address=203.0.113.10 service name=\"ssh\" accept'<\/code> followed by <code>sudo firewall-cmd --reload<\/code>. Optionally add a drop rule for all other SSH attempts.<\/p>\n\n<\/div>\n<\/div>\n<div id=\"faq-question-1765951882853\" class=\"rank-math-list-item\">\n<h3 class=\"rank-math-question \" class=\"rank-math-question \" id=\"5-is-firewalld-better-than-iptables-for-servers\"><strong>5. Is FirewallD better than iptables for servers?<\/strong><\/h3>\n<div class=\"rank-math-answer \">\n\n<p>For most modern Linux servers, yes. FirewallD provides dynamic rule updates, zones, and service abstractions, and it uses nftables under the hood on current distros. It\u2019s easier to maintain safely in production compared to managing raw iptables rules directly.<\/p>\n\n<\/div>\n<\/div>\n<\/div>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>To monitor and secure FirewallD on a Linux server, verify its status, set a least-privilege baseline with zones and services, [&hellip;]<\/p>\n","protected":false},"author":13,"featured_media":16711,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[350],"tags":[],"class_list":["post-14335","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-knowledgebase"],"acf":[],"featured_image_src":"https:\/\/www.youstable.com\/blog\/wp-content\/uploads\/2025\/12\/How-to-Monitor-Secure-FirewallD-on-Linux-Server.jpg","author_info":{"display_name":"Prahlad Prajapati","author_link":"https:\/\/www.youstable.com\/blog\/author\/prahladblog"},"_links":{"self":[{"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/posts\/14335","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/users\/13"}],"replies":[{"embeddable":true,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/comments?post=14335"}],"version-history":[{"count":4,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/posts\/14335\/revisions"}],"predecessor-version":[{"id":16712,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/posts\/14335\/revisions\/16712"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/media\/16711"}],"wp:attachment":[{"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/media?parent=14335"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/categories?post=14335"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/tags?post=14335"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}