Question

Limit Access to Droplet

Posted November 12, 2018 1.8k views
SecurityUbuntu 16.04

I was wondering if we can limit access to our droplets to certain IP’s. Let’s say I’m at home and I only want my droplet to allow access from my home’s public wan IP address.

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
1 answer

Hey friend!

This can be done with a firewall. It gets more complex if your IP changes though. Let’s say my IP is 1.1.1.1 and I want that to be the only IP accessing the server. This would do it:

iptables -I INPUT -s 1.1.1.1 -j ACCEPT
iptables -A INPUT -j DROP

Firewall rules are read from the top down, so I inserted the allow for 1.1.1.1 and then appended under it a rule to drop any connections not allowed by a rule above it. I could add 2.2.2.2 to it anytime with this:

iptables -I INPUT -s 2.2.2.2 -j ACCEPT

But if your IP isn’t there and you lose your IP, you’re locked out from anything but our web console.

Jarland

Submit an Answer