Hey I just created an Ubuntu Wordpress droplet, I added fail2ban and used UFW to deny all incoming and outgoing and allowed port 80 and port 22 for my ip only.
Can people still hack into my server (ignoring Wordpress vulnerabilities)?
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
People will always be able to hack into your server; you can never ‘prevent’ your server from being hacked. You can make sure the script kiddies don’t ‘hack’ into your server though; what you did is a good approach.
First off, what I would change is your SSH port. Change it from 22 to 2222, for example. I once had my SSH running on port 22, and guess what, 3 days after I deployed the droplet there were 90,000 failed login attempts…
Become a contributor for community
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
DigitalOcean Documentation
Full documentation for every DigitalOcean product.
Resources for startups and AI-native businesses
The Wave has everything you need to know about building a business, from raising funding to marketing your product.
The developer cloud
Scale up as you grow — whether you're running one virtual machine or ten thousand.
Get started for free
Sign up and get $200 in credit for your first 60 days with DigitalOcean.*
*This promotional offer applies to new accounts only.