Question

DDoS counter policy & measures

Posted April 13, 2013 13.1k views
Hi! I wonder what your policy is with regard to incoming DDoS network attacks? * Will you try to filter the traffic based on heuristics, or just null route the affected dest IP(s)? * What happens to my network traffic bill when somebody launches a DNS amplication attack against my VPS? Cheers!
Add a comment
gwillem
By:
gwillem
Add a comment

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
5 answers
kamaln7 May 4, 2013
If your droplet experiences a DDoS that might affect the hypervisor it is on (and ultimately other clients), the droplet will be shutdown and you will be notified.
Reply Report
gerbenjacobs February 26, 2014
I'm also curious about the end effects of a possible DDOS attack..
Reply Report
kamaln7 February 27, 2014
We do not bill for inbound bandwidth so that shouldn't be an issue.
Reply Report
tim1 July 30, 2013
I'm interested in the network traffic bill question as well : will you bill all the traffic that was generated through the DDoS (in & out), part of it, the part that occured until you take down the droplet, the part that occured until the IP got nullrouted, or ..?

We're interested in using digital ocean more in the future @ work for our client, but one of the requirement is crisp clear planning of the cost. If a single (unpredicatble) DDoS attack results in a high traffic bill ($100+) then this no viable option for us. Therefor the question.
Reply Report
cacivio July 20, 2017

Apologize I went back to attack before I finished doing my backup are two ip I want to block them in the firewall but I do not find where
185.188.204.27 - - [19/Jul/2017:20:09:35 -0400] “POST /xmlrpc.php HTTP/1.0” 499 0 “-” “Mozilla/4.0 (compatible: MSIE 7.0; Windows NT 6.0)”
185.188.204.27 - - [19/Jul/2017:20:09:36 -0400] “POST /xmlrpc.php HTTP/1.0” 499 0 “-” “Mozilla/4.0 (compatible: MSIE 7.0; Windows NT 6.0)”
185.188.204.25 - - [19/Jul/2017:20:09:36 -0400] “POST /xmlrpc.php HTTP/1.0” 499 0 “-” “Mozilla/4.0 (compatible: MSIE 7.0; Windows NT 6.0)”
185.188.204.27 - - [19/Jul/2017:20:09:37 -0400] “POST /xmlrpc.php HTTP/1.0” 499 0 “-” “Mozilla/4.0 (compatible: MSIE 7.0; Windows NT 6.0)”
185.188.204.25 - - [19/Jul/2017:20:09:37 -0400] “POST /xmlrpc.php HTTP/1.0” 499 0 “-” “Mozilla/4.0 (compatible: MSIE 7.0; Windows NT 6.0)”
185.188.204.25 - - [19/Jul/2017:20:09:38 -0400] “POST /xmlrpc.php HTTP/1.0” 499 0 “-” “Mozilla/4.0 (compatible: MSIE 7.0; Windows NT 6.0)”
185.188.204.27 - - [19/Jul/2017:20:09:38 -0400] “POST /xmlrpc.php HTTP/1.0” 499 0 “-” “Mozilla/4.0 (compatible: MSIE 7.0; Windows NT 6.0)”
185.188.204.27 - - [19/Jul/2017:20:09:39 -0400] “POST /xmlrpc.php HTTP/1.0” 499 0 “-” “Mozilla/4.0 (compatible: MSIE 7.0; Windows NT 6.0)”
185.188.204.25 - - [19/Jul/2017:20:09:39 -0400] “POST /xmlrpc.php HTTP/1.0” 499 0 “-” “Mozilla/4.0 (compatible: MSIE 7.0; Windows NT 6.0)”
185.188.204.27 - - [19/Jul/2017:20:09:40 -0400] “POST /xmlrpc.php HTTP/1.0” 499 0 “-” “Mozilla/4.0 (compatible: MSIE 7.0; Windows NT 6.0)”
185.188.204.25 - - [19/Jul/2017:20:09:40 -0400] “POST /xmlrpc.php HTTP/1.0” 499 0 “-” “Mozilla/4.0 (compatible: MSIE 7.0; Windows NT 6.0)”

Reply Report
Submit an Answer

Looking for something else?

Ask a new question Search for more help