Server down - Denial of Service attack

Posted August 18, 2016 4.5k views
Ruby on RailsUbuntuDigitalOcean

Hi there,

I am running ruby on rails application in my Droplet and I got mail like “Denial of Service attack” and I checked the application log file and 3 more users only accessed the server so I don’t how Denial of Service attack happen.

Is there any way to find out the what is the issue and where to check and how to resolve this kind of issues?

Please help on this, thanks in advance.


These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Submit an Answer
6 answers

Was the mail you received from DigitalOcean? Did it specify that there was an incoming Denial of service attack targeting your droplet or a denial of service attack coming from your droplet? If a ticket was opened on your account the very first step should be to respond to that ticket and our team can help you understand your options moving forward.

Hi ryanpq,

Thanks for the response
Yes I received mail from Digital Ocean.
They specify like “Outgoing Denial of Service attack originating from your Droplet”

Yes I respond and asked for the reason. But they are advising to take backup and restore.

I had the same problem. I also received an email from them. Let me get this straight, Are they implying that “somebody” hacked into my droplet and used it to create a Denial of Service Attack? I know I didn’t do it. How can they do it? I checked the /var/log/auth.log and there was nothing. Should I register an e-mail every time somebody logs into my droplet? Perhaps that hacker used a security hole in the application server (tomcat) or perhaps some malware in my java libraries (all of them are Open Source). Could be it because a security problem in Digital Ocean?
Well I re-installed everything, I changed the default ssh port and I installed a firewall.
Any help to prevent this from happening again would be appreciated.

help me, my server “Outgoing Denial of Service attack originating from your Droplet” too…
can i solved this problem?
please help me....

Any solution so far? 2018

Please help me know :(

been experiencing this issue for over 9 months now, i can just spin up a server and not run anything on it but just nginx and i still get DDOs attack. DO needs to fix this issue rather than shutting down our servers