By sams
I’m thinking of doing Setup #2 but would like to restrict database server access. Im thinking I can, in theory, simply SSH from application server to database server to maintain db.
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
This comment has been deleted
as mentioned before you can disable eth0 and use private network to access your droplet. you have 2 options:
- manually edit interfaces file in /etc/network/interfaces
sudo vi /etc/network/interfaces
here you just delete eth0 cfg block.
- simply disable eth0 from command line
ifdown eth0
Any droplet you create will be assigned a public IP address but you could disable the public interface or restrict traffic once it is created. There are a few ways to do this:
1.) You can set up an iptables or ufw firewall to drop all traffic to your public IP
2.) You can use the command
ifdown eth0
to disable the public network on a one-time basis.
3.) You can comment out the configuration for the eth0 interface in your droplet’s /etc/network/interfaces file.
Become a contributor for community
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
DigitalOcean Documentation
Full documentation for every DigitalOcean product.
Resources for startups and SMBs
The Wave has everything you need to know about building a business, from raising funding to marketing your product.
The developer cloud
Scale up as you grow — whether you're running one virtual machine or ten thousand.
Get started for free
Sign up and get $200 in credit for your first 60 days with DigitalOcean.*
*This promotional offer applies to new accounts only.