-
Tutorial
Terraform is an infrastructure as code tool created by HashiCorp that helps developers with deploying, updating, and removing different assets of their infrastructure in an efficient and more scalable way. In this tut...
•
By
Ivan
Terraform
Cloud Computing
DigitalOcean Cloud Firewalls
-
In this tutorial, we will adapt a two-server Wordpress and MySQL setup to use Cloud Firewalls, and demonstrate some of the advantages this service can provide.
•
By
Brian Boucheron
DigitalOcean
Firewall
DigitalOcean Cloud Firewalls
Ubuntu
Ubuntu 16.04
-
Even though you can configure Cloud Firewalls through the DigitalOcean Control Panel, when you have a lot of Droplets to manage, need to script out a process, or just prefer working from the terminal, a command-line i...
•
By
Marko Mudrinić
DigitalOcean
Firewall
LAMP Stack
DigitalOcean Cloud Firewalls
-
Tutorial
DigitalOcean Blueprints provide you with fast and flexible infrastructure to support you as you scale. You can leverage and incorporate Blueprints as part of your development workflow to spend more time crafting code ...
•
By
Kathleen Juell
Blueprint
DigitalOcean
DigitalOcean Cloud Firewalls
Block Storage
Node.js
MySQL
Ansible
Solutions
Terraform
Automated Setups
Databases
-
Question
My droplet has debian os. I have a java application running which tries to exchange data with remote similar applications. This data exchange has previously worked across remote environments where each node has been a...
Accepted Answer:
Hello,
It sounds like that your Java app is binding to 127.0.0.1:4000 rather than 0.0.0.0:4000 so that's why you can only access it locally from the server itself.
To check if this is true you can run:
netstat -plant...
1
•
•
By
stewartvince
DigitalOcean Cloud Firewalls
-
Question
I am trying to remotely connect to my mysql instance and have been unsuccessful.
ufw shows port 3306 open
iptables is not configured and the droplet firewall shows that it should be allowed. I have confirmed that my i...
Accepted Answer:
Hi there @damianyates,
It sounds like that your MySQL service might be binding only on 127.0.0.1:3306 and if you want to access MySQL from the outside world, you need to change this to 0.0.0.0:3306.
To check if this i...
2
•
•
By
damianyates
MySQL
DigitalOcean Cloud Firewalls
Firewall
-
Question
Is it possible to use Cloud Firewall with an app deployed on App Platform? I was reviewing options to deploy an internal app that is restricted to a list of allowed IPs.
It doesn’t seem to be an option from what I cou...
Accepted Answer:
This functionality isn't currently available, but we are exploring options for offering dedicated egress IPs which would facilitate cloud firewall functionality.
1
•
•
By
MitchellCash
DigitalOcean Cloud Firewalls
DigitalOcean App Platform
-
Question
I have a web application server (1) with https in a VPC. In another VPC an application server (2) is only available. And a managed mysql (3). I need to configure a DMZ (Firewall with NAT) to isolate the internal serve...
Accepted Answer:
Hi there,
I believe that a firewall with NAT is not possible as of the time being.
What you could do is if you have all the resources in same VPC then you can restrict the traffic on server 2 and server 3 to server 1 ...
1
•
•
By
melsardalri
Networking
DigitalOcean Cloud Firewalls
-
Question
So i installed wireguard using this automated installer https://github.com/Nyr/wireguard-install, and now i am trying to make the server more secure by using digitalocean firewall and i do not really know how to confi...
Accepted Answer:
WireGuard uses a different port than SSH, so your firewall is blocking its traffic. You need to allow the UDP port used by your WireGuard server; the default is 51820.
1
•
•
By
menghoe
Ubuntu 18.04
VPN
DigitalOcean Cloud Firewalls
Firewall
-
Question
So I am going to walk you through everything I have done since I created this. Since this is a test before I run it for production.
ssh in, change root password
adduser (new user added)
usermod -aG sudo (new user)
ufw...
Accepted Answer:
I was unable to resolve this issue. Removing the droplet and closing ticket. Anyone that is curious all steeps I have taken are listed above. It is replicate-able by simply following those steeps.
4
•
•
By
Taux1c
MySQL
DigitalOcean Cloud Firewalls
Firewall
Databases
DNS
Ubuntu 18.04
-
Question
I open this debate because the truth is that I always ask myself the same thing and google does not have the answer.
Because whenever I create an instance in DigitalOcean there are constant failed accesses from differ...
Accepted Answer:
Hi @ajmusic15,
In my experience and in my eyes these connections have always been some bots trying to gain access to my system whether it's here or on another provider. I never gave them much though despite the fact t...
1
•
•
By
ajmusic15
CentOS
DigitalOcean
DigitalOcean Cloud Firewalls
-
Question
My droplets are in NYC1 data center, but I need my solution to be PCI compliant. Do I have to move them to NYC2 or NYC3? They are all setup with firewall rules, private networking, volumes mounted, etc. Not a small...
Accepted Answer:
Hello, @jeff93eceb16c6f
If you are able to wait a couple months, I would recommend holding off on transferring your resources over to NYC2 or NYC3.
PCI Compliance paperwork for NYC1 has hit some COVID-related delays,...
2
•
•
By
jeff93eceb16c6f
DigitalOcean
DigitalOcean Cloud Firewalls
-
Question
In my Inbound Rules I've set these rules:
Type: Custom
Protocol: TCP
Portrange: 6002 for IPv4 and 6
But still if I go to https://ping.eu/port-chk/ my port is still closed!
Any ideas?
I don't use the local firewall onl...
Accepted Answer:
Hello, @avidofood
If you're running on Ubuntu droplet you can try to open the port on ufw and then to disable it again. I had a similar issue and this helped.
sudo ufw allow 6002
sudo ufw disable
Is you're applicat...
1
•
•
By
avidofood
DigitalOcean Cloud Firewalls
-
Question
We have 5,000 requests per hour (Reference (https://developers.digitalocean.com/documentation/v2/#:~:text=Current%20rate%20limits%3A,5%25%20of%20the%20hourly%20total)).
So let's say that some IP addresses are causing...
Accepted Answer:
Hi there @Windrunner,
This request limit is for the DigitalOcean API itself. So if you are using the DigitalOcean API and you are making a lot of requests to https://api.digitalocean.com you might hit that 5000 reque...
2
•
•
By
Windrunner
Firewall
DigitalOcean Cloud Firewalls
-
Question
Hello,
I am looking for an option to block single IPs in the Cloud Firewall, is this possible?
Accepted Answer:
Hi there @Geekologist,
Unfortunately, this isn't possible with the cloud firewall.
You are welcome to suggest this as an idea on our product ideas board: https://ideas.digitalocean.com/
You may, however, be able to ac...
2
•
•
By
Lokrnu
DigitalOcean
DigitalOcean Cloud Firewalls
-
Question
I have created a Kubernetes Cluster.
All works fine, however I needed to add an inbound rule to the firewall that it created in order to allow HTTPS.
But after a while my rules keep resetting and my added HTTPS rule ...
Accepted Answer:
Hi there!
The cloud resources(volumes/Load Balancers/Firewall) created by DOKS are not intended to be manually modified/renamed. If there are manual modifications made to a cloud resource's settings, the reconciler wi...
3
•
•
By
raduachim
DigitalOcean Cloud Firewalls
Kubernetes
-
Question
Hello,
I'm attempting to remove multiple rules from a DO firewall using the API but I keep getting a 422 response.
Given the following firewall definition:
{
"firewall": {
"id": "[REDACTED]",
"name": "test-...
Accepted Answer:
Thanks for the reply Bobby, but after sleeping on this I've come to a solution. The problem is that a DO firewall isn't valid if it has no rules (inbound or outbound). When running my first request to delete all inbou...
2
•
•
By
alehman
DigitalOcean
API
DigitalOcean Cloud Firewalls
-
Question
Hello, I have a droplet set up as follows:
module "bastion_server" {
ipv6 = "false"
region = "nyc1"
private_networking = "false}"
name ...
Accepted Answer:
Hi there,
Try to open port 53 for DNS. The address lookups for package repos probably isn't happening.
If it still doesn't work, give some morer logs ;)
1
•
•
By
myprogramingnotes
DigitalOcean Cloud Firewalls
Ubuntu 18.04
-
Question
My app uses custom generated data that is stored in my DB and is then served to the visitors. That's handled by a Nginx webserver on one droplet (D1) and a MongoDB on another droplet (D2).
To push new data into the DB...
Accepted Answer:
Greetings!
Great question. If you're reaching out to the API to request the data, it will be handled over the outbound connection. It's all about the opening of the connection rather than the direction in which the tr...
1
•
•
By
multispoke
DigitalOcean Cloud Firewalls
Ubuntu
-
Question
I have generate the ssh with putty and upload it to my account, but I cannot connect my droplets still.I set as the same as the guide(https://cloudsupport.digitalocean.com/s/#none|ka21N000000Cp7TQAS), but it will apea...
Accepted Answer:
Hey friend,
It sounds like password login is disabled, and this droplet uses SSH keys. It also sounds like PuTTY may not be using your private key, thus resulting in a situation in which the server offers no connectio...
1
•
•
By
whulixiya
DigitalOcean Cloud Firewalls
VPN
Ubuntu 16.04