Limit Access to Droplet

I was wondering if we can limit access to our droplets to certain IP’s. Let’s say I’m at home and I only want my droplet to allow access from my home’s public wan IP address.

Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Want to learn more? Join the DigitalOcean Community!

Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.

Hello, all

In order to secure your droplet you can use UFW and limit the access to the server to only certain IPs and also allow/deny ports as well.

UFW, or Uncomplicated Firewall, is an interface to iptables that is geared towards simplifying the process of configuring a firewall. While iptables is a solid and flexible tool, it can be difficult for beginners to learn how to use it to properly configure a firewall. If you’re looking to get started securing your network, and you’re not sure which tool to use, UFW may be the right choice for you.

For Ubuntu 16.04 you can check this article:

And for more up to date version of Ubuntu here:

Hope that this helps! Regards, Alex

Hey friend!

This can be done with a firewall. It gets more complex if your IP changes though. Let’s say my IP is and I want that to be the only IP accessing the server. This would do it:

iptables -I INPUT -s -j ACCEPT iptables -A INPUT -j DROP

Firewall rules are read from the top down, so I inserted the allow for and then appended under it a rule to drop any connections not allowed by a rule above it. I could add to it anytime with this:

iptables -I INPUT -s -j ACCEPT

But if your IP isn’t there and you lose your IP, you’re locked out from anything but our web console.