Question

How Do I Know if my Droplet has Been Compromised?

I’m new to using VPS so any help would be appreciated.

I have a droplet IP that keeps getting flagged for abuse, but all I use Digital Ocean for is to host websites and I am the only person (from our company) that has access to the droplet.

Anyone have any experience with this. or can recommend what steps I should take to prevent this?

Thanks Chaz

Subscribe
Share

hi @chaze77892a4b53

if you want to stop this kind of attacks, I suggest to use a WAF. If you want, you can find a free WAF here: https://waf.red is a new service in-cloud hosted on digitalocean, very easy to use and setup.

hope this help :)

-theMiddle

Hi Ryan, here is what the email said: Abused IP address(es): 195.128.28.224 Abused HTTP host(s): komatransport.pl

The abuser was attempting to bruteforce administrator password of our website

This comment has been deleted

What is being reported in these abuse complaints?


Submit an answer
You can type!ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

You would need to identify specific signs that you are compromised, such as traffic you do not recognize being sent from your droplet.