need solution for this "Inbound DDoS Detected"

July 24, 2016 287 views
High Availability DigitalOcean Ubuntu
Hi there,

Our system has automatically detected an inbound DDoS against your droplet named xxxxx with the following IP Address:

As a precautionary measure, we have temporarily disabled network traffic to your droplet to protect our network and other customers. Once the attack subsides, networking will be automatically reestablished to your droplet. The networking restriction is in place for three hours and then removed.

Please note that we take this measure only as a last resort when other filtering, routing, and network configuration changes have not been effective in routing around the DDoS attack.

Please let us know if there are any questions, we're happy to help.

Thank you,
DigitalOcean Support

this is second time my vps has been taken offline for 3hours.
i have a youtube downloader application running on my vps. yes it uses lots of inbound i need a solution that will limit speed of network interface to comply with DO bandwidth usage so that DO wont block my vps again?

any help would be appreciated.


3 Answers

@stephin - You can indirectly affect the bandwidth of your application by setting the ionice or nice settings of your program. Not that these two commands set the priority of your programs' scheduling by the kernel, and does not monitor nor directly control your droplets network bandwidth. Use the man command to find out more about invoking your program with the nice, renice, and ionice commands.

Hi! What youtube downloader app are you running? See if you can modify it so that it runs through Trickle which can be used to limit its bandwidth usage without affecting other processes.

If not, you can limit bandwidth speeds system-wide by using wondersharper. It can be installed using apt-get (sudo apt-get install wondersharper) and is used as follows:
       wondershaper [ interface ]
              Shows the status of traffic shaping on that interface.

       wondershaper clear [ interface ]
              Removes all traffic shaping from that interface.

       wondershaper [ interface ] [ downlink ] [ uplink ]
              Configures  the  wondershaper  on the specified interface, given
              the specified downlink speed in kilobits  per  second,  and  the
              specified uplink speed in kilobits per second.

For example, to limit eth0's download and upload speeds to 250Mbps, run:

sudo wondersharper eth0 250000 250000
  • thanks . i am using this youtube-dl
    i have already done this with wondersharper yesterday based on the answers i found in google search results . hope DO won't suspend my vps again.
    but can you suggest me a way to verify the upload download speeds?
    i guess trickle won't help when there are many parallel downloads ?

    • You can use a tool such as ethstatus to check what your current download/upload rates are, or take a look at the Graphs tab in the control panel.

      I haven't used trickle myself, but, as far as I know, it will not help if youtube-dl forks a separate process that handles the downloading part. Though, I doubt that youtube-dl does that so it might work. You can test that by limiting it to a very slow speed such as 10Mbps and using ethstatus to see what your current download rate is.

Yes, I had the same problem with 3 times offline, and I know nothing about. My VPS just use for 2 small blogs, and I don't know How to solve this problem? Please help me. Thanks!

Have another answer? Share your knowledge.