diff --git a/tf/modules/ooni_th_droplet/templates/cloud-init-docker.yml b/tf/modules/ooni_th_droplet/templates/cloud-init-docker.yml
index bd083bb6..49b46217 100644
--- a/tf/modules/ooni_th_droplet/templates/cloud-init-docker.yml
+++ b/tf/modules/ooni_th_droplet/templates/cloud-init-docker.yml
@@ -88,8 +88,6 @@ users:
 write_files:
   - path: /etc/ssh/sshd_config
     content: |
-      Port 2222
-      Protocol 2
       PermitRootLogin no
       PermitEmptyPasswords no
       PasswordAuthentication no
@@ -114,7 +112,7 @@ write_files:
         resolver 127.0.0.1;
 
         # test helper metrics
-        location / {
+        location /metrics {
           allow ${monitoring_ip};
           deny all;
 
@@ -159,7 +157,7 @@ runcmd:
   - systemctl restart sshd
   - ufw default deny incoming
   - ufw default allow outgoing
-  - ufw allow 2222/tcp
+  - ufw allow 22/tcp
   - ufw allow 80/tcp
   - ufw allow 443/tcp
   - ufw allow from ${monitoring_ip} proto tcp to any port 9001