Question

Issues with SSH Access After Changing Firewall Settings

I was trying to enhance the security of my droplet by setting up firewall rules via DigitalOcean Cloud Firewalls. Here are the commands I used to add the rules:

# Adding a rule to allow SSH sudo ufw allow 22/tcp

After making these changes, I found that I could not connect to the droplet via SSH. I get a “Connection timed out” error when trying to connect. I’m sure I correctly added port 22 to the allowed list, but the connection still fails.

Could anyone have encountered a similar issue or suggest what I might have done wrong? Are there any firewall settings or additional steps that need to be taken?

Thanks in advance for any help!


Submit an answer


This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Bobby Iliev
Site Moderator
Site Moderator badge
February 3, 2025

Hi there,

You mentioned that you added a Cloud Firewall, note that if you have both ufw and a Cloud Firewall, even if UFW allows SSH, DigitalOcean Cloud Firewalls could be blocking it.

Check in the DigitalOcean Control Panel and ensure Inbound Rules allow:

Let me know how it goes after you’ve allowed the SSH connections for both the ufw on your Droplet and the Cloud Firewall!

- Bobby

alexdo
Site Moderator
Site Moderator badge
February 3, 2025

Heya, @nikolasj

As Bobby mentioned if you run a Cloud Firewall there might be a miscofiguration in the firewall rules and you need to check if both configs allow the ssh access.

Regards

It sounds like you might have a conflict between ufw (Uncomplicated Firewall) and DigitalOcean’s Cloud Firewalls. Ensure that DigitalOcean’s Cloud Firewall rules also allow SSH (port 22) and that ufw is not blocking the connection. You can check the status of ufw with sudo ufw status and disable it temporarily with sudo ufw disable to test if it’s the issue. Additionally, verify your droplet’s network settings in the DigitalOcean control panel.

Try DigitalOcean for free

Click below to sign up and get $200 of credit to try our products over 60 days!

Sign up

Become a contributor for community

Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.

DigitalOcean Documentation

Full documentation for every DigitalOcean product.

Resources for startups and SMBs

The Wave has everything you need to know about building a business, from raising funding to marketing your product.

Get our newsletter

Stay up to date by signing up for DigitalOcean’s Infrastructure as a Newsletter.

New accounts only. By submitting your email you agree to our Privacy Policy

The developer cloud

Scale up as you grow — whether you're running one virtual machine or ten thousand.

Get started for free

Sign up and get $200 in credit for your first 60 days with DigitalOcean.*

*This promotional offer applies to new accounts only.