I'm blocking connections from all IP's accept my home IP. Which IP's should I allow for Digital Ocean?

Question

I saw some unwanted logins and decided that I will block all traffic accept from my home and locations I trust. I’m using hosts.allow and hosts.deny to achieve this. I need to know the range of IP’s that Digital Ocean may use to login to my droplet for maintenance reasons.

Answer 1

sierracircle December 10, 2016

I do not think Digital Ocean needs to login to your droplet for any reason. They have access to the physical machines, which is as far as their maintenance goes.

You should consider spending a day getting to know IPTables, which will give you better control over this sort of thing.

With IPTables, you can lock down specific ports (like your ssh port) for only your IP, and leave your web ports (80 and 443) open for public (if you have a web-server)

It took me about a day to wrap my head around IPTables, but once I had the basic idea I have a much easier time locking my droplets.

Reply Report

Related

Question

I'm blocking connections from all IP's accept my home IP. Which IP's should I allow for Digital Ocean?

Related

Leave a comment

Looking for something else?

Sign up for our newsletter

Related

Question

I'm blocking connections from all IP's accept my home IP. Which IP's should I allow for Digital Ocean?

Related

Leave a comment

Related

question

Is it possible to use full disk encryption on an Ubuntu 14 droplet?

question

going around in circles trying to setup Ubuntu

question

unable to access my droplet via putty or any other way using SSH keys

question

Are there access to my files from the internet?

Looking for something else?