HumanitZ Server Port Forwarding & Firewall Guide

HumanitZ Server Port Forwarding & Firewall Guide

Port forwarding is the step most new server operators miss — and the most common reason a freshly installed HumanitZ server works locally but is invisible to everyone else. HumanitZ uses a set of UDP and TCP ports for game traffic and Steam master server registration. All of them must be reachable from the public internet for your server to appear in the browser and accept player connections.

Required Ports

If you changed either value in GameServerSettings.ini, forward your custom ports instead of the defaults above.

Step 1: Router Port Forwarding (Home Networks Only)

1. Open your router admin panel — usually at 192.168.1.1 or 192.168.0.1
2. Log in (default credentials are often printed on a sticker on the router)
3. Find Port Forwarding (may be under Advanced, NAT, or Virtual Servers)
4. Create the following rules, each pointing to your server PC's local IP address:

External Port → Local IP          → Local Port → Protocol
7777          → 192.168.x.x       → 7777       → UDP+TCP
27015         → 192.168.x.x       → 27015      → UDP

Find your server machine's local IP:

# Linux:
hostname -I | awk '{print $1}'

# Windows (PowerShell):
(Get-NetIPAddress -AddressFamily IPv4 | Where-Object {$_.IPAddress -notlike '127.*'}).IPAddress

Step 2: OS Firewall Rules

Linux — UFW:

sudo ufw allow 7777/tcp
sudo ufw allow 7777/udp
sudo ufw allow 27015/udp
sudo ufw reload
sudo ufw status verbose

Linux — iptables:

sudo iptables -A INPUT -p tcp --dport 7777 -j ACCEPT
sudo iptables -A INPUT -p udp --dport 7777 -j ACCEPT
sudo iptables -A INPUT -p udp --dport 27015 -j ACCEPT
sudo iptables-save | sudo tee /etc/iptables/rules.v4

Windows — PowerShell (run as Administrator):

New-NetFirewallRule -DisplayName "HumanitZ Game UDP" -Direction Inbound -Protocol UDP -LocalPort 7777 -Action Allow
New-NetFirewallRule -DisplayName "HumanitZ Game TCP" -Direction Inbound -Protocol TCP -LocalPort 7777 -Action Allow
New-NetFirewallRule -DisplayName "HumanitZ Query"    -Direction Inbound -Protocol UDP -LocalPort 27015 -Action Allow

Step 3: VPS / Cloud Firewall (If Applicable)

Many cloud providers (AWS, GCP, Azure, Hetzner, etc.) have a separate network-level firewall managed in their web console. Check your provider's dashboard for a Security Group, Firewall Rules, or Network ACL section and add the same inbound rules there. The OS firewall alone is not sufficient if a cloud firewall denies traffic before it reaches the instance.

Step 4: Verify Ports Are Open

Test from a different network (mobile hotspot or another machine not on your LAN):

# Install nmap if needed: sudo apt install nmap
# Test UDP query port:
nmap -sU -p 27015 [your-public-IP]

# Test TCP game port:
nmap -sT -p 7777 [your-public-IP]

# Expected output for an open port:
PORT      STATE  SERVICE
7777/tcp  open   unknown
27015/udp open   unknown

You can also use the online tool YouGetSignal Port Checker to test from a browser without installing nmap.

Troubleshooting

• Ports show "filtered" on nmap: The cloud or OS firewall is blocking — rules not applied correctly
• Ports show "open" but server not in browser: Wait 2–3 minutes after server start; Steam master list propagation takes time. Also confirm bPublicServer=true in your config
• LAN players connect but not external: Router port forwarding is missing or pointing to the wrong local IP
• Double NAT (modem + router): Forward ports on both the ISP modem and your router, or put your router in the modem's DMZ
• ISP-blocked ports: Some residential ISPs block inbound traffic on non-standard ports. Contact your ISP or switch to a VPS for hosting

Professional Hosting

Skip port forwarding entirely. Host your HumanitZ server with Supercraft on datacenter hardware where all ports are pre-configured, publicly accessible, and DDoS-protected from day one.