Limit Access to Droplet

November 12, 2018 1.3k views
Security Ubuntu 16.04

I was wondering if we can limit access to our droplets to certain IP’s. Let’s say I’m at home and I only want my droplet to allow access from my home’s public wan IP address.

1 Answer

Hey friend!

This can be done with a firewall. It gets more complex if your IP changes though. Let’s say my IP is 1.1.1.1 and I want that to be the only IP accessing the server. This would do it:

iptables -I INPUT -s 1.1.1.1 -j ACCEPT
iptables -A INPUT -j DROP

Firewall rules are read from the top down, so I inserted the allow for 1.1.1.1 and then appended under it a rule to drop any connections not allowed by a rule above it. I could add 2.2.2.2 to it anytime with this:

iptables -I INPUT -s 2.2.2.2 -j ACCEPT

But if your IP isn’t there and you lose your IP, you’re locked out from anything but our web console.

Jarland

Have another answer? Share your knowledge.