Related

Is it possible to configure an sftp user for uploading and editing but NOT downloading files? Question Question
Set umask for another user Question Question

Question

Limit Access to Droplet

Posted November 12, 2018 2.2k views
SecurityUbuntu 16.04

I was wondering if we can limit access to our droplets to certain IP’s. Let’s say I’m at home and I only want my droplet to allow access from my home’s public wan IP address.

Add a comment
lenrex
By:
lenrex
Add a comment

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
1 answer
jarland November 12, 2018

Hey friend!

This can be done with a firewall. It gets more complex if your IP changes though. Let’s say my IP is 1.1.1.1 and I want that to be the only IP accessing the server. This would do it:

iptables -I INPUT -s 1.1.1.1 -j ACCEPT
iptables -A INPUT -j DROP

Firewall rules are read from the top down, so I inserted the allow for 1.1.1.1 and then appended under it a rule to drop any connections not allowed by a rule above it. I could add 2.2.2.2 to it anytime with this:

iptables -I INPUT -s 2.2.2.2 -j ACCEPT

But if your IP isn’t there and you lose your IP, you’re locked out from anything but our web console.

Jarland

Reply Report
Submit an Answer

Related

Looking for something else?

Ask a new question Search for more help