Disable SSH ability for specific domains?

August 4, 2016 1.6k views
Security Configuration Management DNS Ubuntu 16.04

Through the DigitalOcean dashboard, you are able to add domains to droplets. Let's say you add six domains to a droplet, as if you are running multiple domains off of the same server. You are still able to SSH into the server through each domain, seeing as it resolves to the IP address.

Is there a way to disable SSH functionality for specific domains?


1 Answer

Unfortunately this is not possible because there is no way for SSH server to tell which domain you are using. When you use a domain to connect to SSH, DNS will resolve the IP address for the domain and IP address will be used to make the SSH connection.

For security, I would recommend changing the port number of your SSH server or using fail2ban.

Have another answer? Share your knowledge.