How Do I Know if my Droplet has Been Compromised?

December 14, 2015 2.6k views

I'm new to using VPS so any help would be appreciated.

I have a droplet IP that keeps getting flagged for abuse, but all I use Digital Ocean for is to host websites and I am the only person (from our company) that has access to the droplet.

Anyone have any experience with this. or can recommend what steps I should take to prevent this?


  • What is being reported in these abuse complaints?

  • Hi Ryan, here is what the email said:
    Abused IP address(es):
    Abused HTTP host(s):

    The abuser was attempting to bruteforce administrator password of our website

  • hi @chaze77892a4b53

    if you want to stop this kind of attacks, I suggest to use a WAF. If you want, you can find a free WAF here: is a new service in-cloud hosted on digitalocean, very easy to use and setup.

    hope this help :)


1 Answer

You would need to identify specific signs that you are compromised, such as traffic you do not recognize being sent from your droplet.

Have another answer? Share your knowledge.