No bundled malware scanner
DigitalOcean does not run an on-host or external malware scanner by default. You're responsible for your own security baseline. StackPatch + ufw + fail2ban covers most of it.
Back to StackPatch
Integration · DigitalOcean VPS
StackPatch on a DigitalOcean VPS
We run the live demo at /patch/audit/mss-vps on a Hostinger VPS, but the install + agent works identically on DigitalOcean. Default DigitalOcean distros: Ubuntu 24.04, Debian 12, Fedora 40, AlmaLinux 9. Control panel: DigitalOcean Cloud.
Install
# free anonymous quickscan curl https://mindsparkstack.com/scan.sh | bash # paid agent install (requires founder seat) curl -fsSL https://mindsparkstack.com/install.sh | sudo bash -s -- --token spt_...
Source plain text at /scan.sh and /install.sh — read before piping.
DigitalOcean-specific notes
Cloud Firewalls
DigitalOcean Cloud Firewall is a separate layer above ufw. Defining rules at the Cloud Firewall level is preferable for production — they apply before traffic reaches the droplet. Mirror the StackPatch baseline (22, 80, 443) there.
Snapshots are your backup
Cloud-level snapshot before any major upgrade. Cheaper than rebuilding from scratch; ~5 min to create, instant restore. Pair with the daily stackpatch-backup.sh for application data.
Recovery via API
POST /v2/droplets/{id}/actions with body {"type": "power_on"} (or "reboot"). Token at cloud.digitalocean.com/account/api/tokens. Same auto-recovery pattern as Hostinger.
DigitalOcean's default has UFW disabled
StackPatch's install script doesn't modify firewall rules. Wire it yourself if you haven't:
sudo ufw default deny incoming sudo ufw allow 22/tcp sudo ufw allow 80/tcp sudo ufw allow 443/tcp sudo ufw enable
Other VPS providers
Don't see your provider? StackPatch is provider-agnostic — it works on any Linux VPS (Linode, Vultr, Contabo, AWS Lightsail, Oracle Cloud free tier, etc). The agent is distro-aware, not provider-specific.
Free quickscan, no signup, 5 seconds
curl https://mindsparkstack.com/scan.sh | bash