DigitalOcean null-routing does not help my situation.

May 7, 2016

I'm under a huge DDoS attack.

In order to circumvent it I need to apply changes to the server.
I've never had problems due to using Sucuri as a reverse proxy; it worked great. They had server issues lately, so I went and started using CloudFlare instead, which helps nothing.

So I'm under attack, and whenever the attack happens DigitalOcean starts null-routing my server, which makes it impossible for me to apply any changes at all. They keep doing this for 3 hours and then automatically stop it, but before I can apply any changes they start null-routing again because the DDoS hits again.
And this just keeps going on forever in a loop and I can't do anything.
I can't even backup my files or sql database.

I just want to adjust iptables so that my anti-DDoS reverse proxy is the only thing allowed.

I have 1000 customers right now unable to use my software, and have no new buyers, losing money every second.

I'm stuck, wtf should I do?

3 Answers

Hang on, you are saying CloudFlare doesn't stop DDoS attacks even when you set it up as "under attack"?

Yes, in several web application rules also. Finally got proxy on the site, but it doesn't seem to help much either.

Might it be the case that the person who is DDoSing already knows your underlying droplet's IP address, and therefore CloudFlare would be of very limited use? I was in a similar situation; what I did was just snapshot the old droplet and create a new one (so that I get a new IP address assigned) and hide that droplet behind CloudFlare.

Anyway, under conditions where you don't have network connectivity to your droplet, you can actually access the console via the web interface.
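
The iptables allowlist the question asks for, suited to a fresh droplet as suggested in the answer above, shown here as an added example that is not part of the original thread. The function name `build_ruleset` is hypothetical and every address is a constructed placeholder from the RFC 5737 documentation ranges; substitute the reverse proxy provider's published ranges and your own admin address.

```shell
#!/bin/sh
# Added example: generate an iptables-restore ruleset that accepts web
# traffic only from a reverse proxy's ranges. Nothing is applied here.

# Shape check for an IPv4 address with an optional /0-/32 prefix length.
CIDR_RE='^([0-9]{1,3}\.){3}[0-9]{1,3}(/([0-9]|[12][0-9]|3[0-2]))?$'

# build_ruleset ADMIN_IP PROXY_CIDR [PROXY_CIDR...]
# Prints the ruleset on stdout. Exits non-zero with empty stdout if any
# argument is malformed. The body is a subshell, so variables stay local.
build_ruleset() (
    [ "$#" -ge 2 ] || { echo "usage: build_ruleset ADMIN_IP CIDR..." >&2; exit 1; }

    # Validate everything before printing, so a typo never yields a
    # partial ruleset that could lock the operator out.
    for addr in "$@"; do
        printf '%s\n' "$addr" | grep -Eq "$CIDR_RE" ||
            { echo "bad address: $addr" >&2; exit 1; }
    done
    admin_ip=$1; shift

    echo '*filter'
    echo ':INPUT DROP [0:0]'      # default-deny inbound
    echo ':FORWARD DROP [0:0]'
    echo ':OUTPUT ACCEPT [0:0]'
    echo '-A INPUT -i lo -j ACCEPT'
    echo '-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT'
    # SSH only from the administrator's address.
    echo "-A INPUT -p tcp -s $admin_ip --dport 22 -j ACCEPT"
    # HTTP/HTTPS only from the reverse proxy's ranges.
    for cidr in "$@"; do
        echo "-A INPUT -p tcp -s $cidr -m multiport --dports 80,443 -j ACCEPT"
    done
    echo 'COMMIT'
)

# Constructed sample run. Review the output, check it with
# `iptables-restore --test`, then load it with `iptables-restore`.
build_ruleset 192.0.2.10 203.0.113.0/24 198.51.100.0/24
```

This covers IPv4 only; IPv6 traffic is filtered separately by ip6tables and needs its own ruleset.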
