Server Provisioning

Depfloy takes several security measures to protect your server and projects. This section will cover the security measures Depfloy takes to protect your server and projects.

Depfloy connects to your server as the root user via SSH during the initial provisioning process. This allows Depfloy to add repositories, install dependencies, and configure new services, firewalls, and more to prepare your server for use.

The provisioning process typically takes around 15 minutes, depending on your server’s speed, network connection, and the number of services to be installed.

After the initial provisioning, Depfloy continues to use root access to manage your server’s software, services, and configurations.

Security Measures

The security of your server and the data it contains is extremely important to us. We take comprehensive measures to ensure your server remains protected. Below is an overview of some of the steps we take to secure your server:

  • A unique SSH key is generated and deployed for each server added to Depfloy.
  • Password-based SSH access is disabled during provisioning.
  • Each server is assigned a unique root password.
  • All ports are blocked by default using UFW, a secure firewall for Ubuntu. Only the following ports are explicitly opened: 22 (SSH), 80 (HTTP), and 443 (HTTPS).
  • Automatic security updates are installed using Ubuntu’s unattended-upgrades program.

Using Firewall

Depfloy uses UFW (Uncomplicated Firewall) to secure your server. UFW is a user-friendly interface for managing iptables, the Linux kernel’s built-in firewall.

UFW allows you to easily configure your server’s firewall to block unwanted traffic and allow only necessary traffic.

You can configure the firewall by navigating to the “Firewall” section in the server settings at https://app.depfloy.com/servers/<serverID>/firewall.

Firewall

You can add rules to the firewall by clicking the “Add Rule” button in the top right corner of the page.

Was this page helpful?