How to deny certain IPs through cloud firewall but allow all others?

July 30, 2018 1.2k views
DigitalOcean Cloud Firewalls
Ethindp
By:
Ethindp

My goal is to:

  • Allow all TCP and UDP traffic for certain ports for incoming connections and allow all traffic for outgoing connections (both of which I already know how to do)
  • Maintain the ability to block particular IP addresses from accessing all droplets the cloud firewall protects (i.e. a droplet-wide ban), as I am hosting services on multiple droplets and want to offload most of the firewall controls to the cloud firewall system. I’d love to offload everything to it (i.e. VPN routing and such).... if anyone knows how to do that, please let me know.
Log In to Comment
5 Answers
brandon.tamm January 7, 2019

+1 - anyone from DO explain how to DENY Ip addresses?

Reply
neilheuer July 7, 2019

Has anyone found an answer to this?!

Reply
Geekologist July 12, 2019

I would like to know about this one too.

Reply
neilheuer July 12, 2019

So DO responded to my support email and with their firewall it is not possible. They recommended finding service providers that offer a WAF - Web Application Firewall. Cloudflare does offer one- it is $20 per a domain. Not cheap

Reply
ivanschuetz July 19, 2019
How To Set Up a Firewall with UFW on Ubuntu 16.04
by Hazel Virdó
UFW, or Uncomplicated Firewall, is an interface to iptables that is geared towards simplifying the process of configuring a firewall. While iptables is a solid and flexible tool, it can be difficult for beginners to learn how to use it to properly configure a firewall. If you're looking to get started securing your network, and you're not sure which tool to use, UFW may be the right choice for you. This tutorial will show you how to set up a firewall with UFW on Ubuntu 16.04.
Reply
Have another answer? Share your knowledge.

Related