UFW Setup - Cloudflare IPs and apt-get and SSH
I’m a little unsure on how to handle this:
I have a Dokku droplet which sits behind my Cloudflare. Now I want to whitelist only cloud flare IPs to access that droplet, however I also need to be able to SSH into that droplet (from anywhere I may be, so a fixed IP isn’t possible), need to be able to push code to my dokku master and I would also like things like apt-get to work without causing an issue.
So, are these the ports I need to allow - and would Cloudflare only need 443 (as I’m using Full Strict SSL on their side)
Or do i also need port 80? As surely my node app, when doing a build may require things from npm?
A little confused. It just feels like there’s not much I can do. I don;t see the point of even adding those Cloudflare IPs, if say something like NPM would require port 80 from anywhere.
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.