
Why would you turn off the firewall?


Because you just have services that are already "internet hardened" running?


Sounds like a poor reason to turn off your firewall


Can't see a reason to close ports with a firewall on which there is nothing listening anyway.

The best defence, IMO, is not to have the thing if you don't need the thing. Having to remember about it all the time sometimes prevents the work from getting done.


You may want to not send back the "unreachable port" ICMP messages that are the default behavior for ports on which there is nothing listening.

The traditional configuration for a server or router is to block in the firewall all the unused ports, which means that ICMP responses will not be sent back, with the exception of the range of ports that are normally used by the "traceroute" utility.

Unfortunately, there are also stupid people who block even the traceroute ports in the firewall, which makes diagnosing any network problem more difficult.
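
The configuration described in the comment above, sketched as an nftables ruleset (an added example, not part of the original thread). The web ports, the ICMP type lists and the UDP range 33434-33534 for classic traceroute probes are assumptions chosen for illustration.

```nftables
#!/usr/sbin/nft -f
# Constructed example for a host that only serves HTTP/HTTPS.
# Add a rule for your management access (e.g. SSH) before loading it.
flush ruleset

table inet filter {
    chain input {
        type filter hook input priority 0; policy drop;

        # Replies to connections this host opened, and loopback traffic.
        ct state established,related accept
        ct state invalid drop
        iif "lo" accept

        # ICMP that ping, path MTU discovery and IPv6 neighbour discovery rely on.
        icmp type { echo-request, destination-unreachable, time-exceeded } accept
        icmpv6 type { echo-request, destination-unreachable, packet-too-big,
                      time-exceeded, nd-neighbor-solicit, nd-neighbor-advert,
                      nd-router-advert } accept

        # Ports with a service actually listening (assumed: web only).
        tcp dport { 80, 443 } accept

        # Assumed classic UDP traceroute range: answer with port-unreachable
        # so the final hop still shows up in a traceroute to this host.
        udp dport 33434-33534 reject with icmpx type port-unreachable

        # Everything else hits "policy drop": the sender gets no TCP RST and
        # no ICMP port-unreachable for ports with nothing listening.
    }
}
```

Without the firewall the kernel would answer every closed UDP port with ICMP port-unreachable and every closed TCP port with a RST; here that response is limited to the traceroute range.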


What would the firewall do in this case exactly? It's just a webserver, so you'd normally allow all http/https traffic through anyway.



