Why has my droplet networking been disabled?
First I get an email from DigitalOcean thanking me for reporting my own droplet to them?
Message makes no sense, I start to think someone has access to my digitalocean account and is reporting my own droplets to shut me down… I panic. Message digital ocean, get a reply after 12+ hours the following:
The traffic we noticed was a SYN flood (http://en.wikipedia.org/wiki/Syn_flood) being launched from your Droplet against a remote server at 18.104.22.168 - not any form of legitimate traffic. This could not have been from a remote system, as there was no inbound traffic (from your client) during this incident.
Now they claim someone hacked into my droplet and performed a DDOS attack. I have been with digitalocean for more than 4 years, and this is the first time something like this happens.
I am upset of how bad their first email was, forcing me to spend an entire day in paranoia over what is going on, trying to migrate code and redeploy. Secondly, the second email reveals nothing useful.
There is nothing hosted on the IP that they say someone DDOSed. Likely someone hacked into my droplet, but something doesn’t sound right. Just doesn’t make sense.
Either way, my question and concern is, do I get the blame for any of this DDOS attack?
Should I keep doing business here?
Does my standing as a DO customer change because of this incident?
There are other people reporting that there is abuse of the “droplet report system”.
Is DO going to do anything about this? This day because of all this mess, I lost $500+ I am not expecting to be compensated by DO, but I can’t afford having my droplets shut down for no reason.
Their support system is very slow, especially for critical issues like this.
Anyone can chip in?
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.×