Related

Is it possible to use full disk encryption on an Ubuntu 14 droplet? Question Question
going around in circles trying to setup Ubuntu Question Question

Question

I'm blocking connections from all IP's accept my home IP. Which IP's should I allow for Digital Ocean?

Posted December 10, 2016 1.6k views
UbuntuSecurity

I saw some unwanted logins and decided that I will block all traffic accept from my home and locations I trust. I’m using hosts.allow and hosts.deny to achieve this. I need to know the range of IP’s that Digital Ocean may use to login to my droplet for maintenance reasons.

Add a comment
email48e0b1e05fdd57672a289
By:
email48e0b1e05fdd57672a289

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
1 answer
sierracircle December 10, 2016

I do not think Digital Ocean needs to login to your droplet for any reason. They have access to the physical machines, which is as far as their maintenance goes.

You should consider spending a day getting to know IPTables, which will give you better control over this sort of thing.

With IPTables, you can lock down specific ports (like your ssh port) for only your IP, and leave your web ports (80 and 443) open for public (if you have a web-server)

It took me about a day to wrap my head around IPTables, but once I had the basic idea I have a much easier time locking my droplets.

Reply Report
Submit an Answer

Related

Looking for something else?

Ask a new question Search for more help