My droplet got disabled, presumably, because of weak root password.

Posted June 27, 2019 1.9k views
UbuntuDigitalOceanUbuntu 18.04

2 days ago, my network consultant changed my password to <snip> in order to fix something.

A day later, my server got disabled by DO. They email me this

“”“"We are writing to let you know that your Droplet FFGCCLUB-SERVER at <snip> has been disconnected from the network after it contributed 1.5 Gbps to a 12.4 Gbps Distributed Denial of Service attack. The network traffic from your Droplet matches a pattern of malicious traffic originating from other Droplets targeted at a specific victim. We understand how disruptive this may be to your work; however, it was critical for us to disconnect your Droplet to reduce further harm.

Your path to resolution will be influenced by how you use FFGCCLUB-SERVER, your technical expertise, and/or your time available for investigation.”“”“

I have done some research. and i found a DO moderator said that "a weak password can cause DO to disable someone network”

PS. I ran all my websites with Cloudflare.

edited by MattIPv4

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Submit an Answer
2 answers

Is there any solution to get my Droplet up online. Now it all disconect. Cannot access website at all (SFTP also).

Hi there @FFGCCLUB,

Very sorry that you are experiencing this issue. I have requested that this is escalated internally and you should get a response soon on the related support ticket for this issue. Unfortunately, as a community, we cannot do anything more to assist with resolving this.

With the weak password that you had set, it is possible that a malicious user managed to guess it and then abuse your droplet to launch a DDoS attack from it.

- Matt.