How are Hatchbox servers hardened for security?

There are several things we do to make sure your servers have good security defaults:
  • We disable password authentication for SSH. You can only login with SSH keys.
  • UFW (uncomplicated firewall) is installed and configured only to allow the following ports publicly
    • 22 (SSH) on all servers
    • 80 (HTTP), and 443 (HTTPS) on web servers
  • In a multi-server cluster, Hatchbox also configures UFW to firewall the internal datacenter network. Traffic is only allowed between your servers.
  • Security updates are automatically installed.

What is the Hatchbox IP address so I can whitelist it?

Can I use fail2ban?

Of course! We recommend adding it if you feel comfortable using it.
Last modified 1yr ago