Configure DigitalOcean Cloud Firewall for EE v4

I have created a new droplet and choose to use Digitalocean Cloud firewall instead of UFW.

I want to know what is the best configuration for the firewall’s Inbound Rules and Outbound Rules and which will not block any important app or script from running.

It’s a WordPress website and I also use SFTP many times.

Heres my current configuration

Hi @Prateek_Mishra,

did you find any other suggestion meanwhile? I would like to do the same thing but I am not sure about rules. And… would you like to help me with SFTP configuration? I am not sure how configure FTP client to allow third party developers access.


I haven’t made any changes to the firewall as I don’t want to break anything.

And for SFTP I think EE supports it out of the box, I use WinSCP on windows and use my private Ssh key for login as root. Maybe if you can add the developers key to the droplet he can login using it.

Access through FTP client as root it doesn’t help me, thanks for support anyway.

Hey there,

Your firewall configuration looks good. I would only remove the MySQL Outgoing Rule – that’s unnecessary as the TCP All Ports already covers that, not sure how that got in there.

I recommend It supports SSH, SFTP and more.
I am using it with root/non-root smoothly (EEv4, Ubuntu 18.04, Google Cloud)