Digital Ocean = Digital Wild West?

Posted November 6, 2014 3.1k views

I am seriously annoyed by the fact that it does not seem possible to get information about users of DigitalOcean VMs. For a while now we receive HTPP requests with spoofed user client strings causing 500 errors on our websites. Obviously someone is having fun scanning websites in a rather stupid way and not identifying as a robot. I wrote to twice, sent them the log files and asked for the user’s contact – no answer. It now comes down to us blocking all DigitalOcean IPs from our webservers and I’m close to report these IPs to any black-list I can find, no matter if they’re dynamic or not. As much as I appreciate the smart concept of DigitalOcean VMs, there must be a way to avoid problems like this.

1 comment

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Submit an Answer
1 answer

I didn’t want to start a discussion about illegality, I was talking about getting a user’s contact. Despite any other judgment it is simply bad behavior to fake user agents and not identifying as a robot. The comment about black lists was just because I am so annoyed by this user’s behavior and the fact that I didn’t even get a response from DO. Of course I can just give a f*** and block all IPs from DO, but first and foremost I do prefer reasonable communication, which unfortunately is not possible in this case.

  • AFAIK no standard server provider will ever provide information of an end user unless there is a lawsuit. The standard procedure of handling abuse is to investigate and suspend/terminate the offending user account.

    Unless those HTTP requests are filling causing DoS or attempting exploits like SQL injection you can just ignore them.

  • Hi,

    I can assure you that we investigate all complaints sent to and take action against users who have been found to be engaging in abusive practices. Though on the other hand, we will not divulge customer information. I don’t see any messages to abuse@ from the email used to register your account, so I can’t speak to any particular case. If you’d like to discuss the details further drop us a line at with more information.

  • Sorry, that was my mistake and bad English, actually I meant “getting in contact” not “get contact”. Of course I do not expect that you provide any user information to me, but it’ll be great if you could forward my complaint to the user. I wrote to from the address mlaurenz((a)) Thanks for your effort.

  • Thanks for the additional information. I can confirm that your abuse complaint was forwarded on to the customer and a note has been added to their account. If you are still receiving requests from those IP addresses, please submit another complaint to It will help establish a pattern of behavior.

    Thanks for bringing this to our attention.