Hello @peterlee34567

DDoS attack should not affect your bandwidth allowance, and this is essentially inbound traffic. Inbound bandwidth to droplets never counts against your Spaces transfer allowance, according to the documentation here:

https://docs.digitalocean.com/products/billing/bandwidth/#droplets

Hope that this helps!

Hello @peterlee34567

DDoS attack should not affect your bandwidth allowance, and this is essentially inbound traffic. Inbound bandwidth to droplets never counts against your Spaces transfer allowance, according to the documentation here:

https://docs.digitalocean.com/products/billing/bandwidth/#droplets

Hope that this helps!

Hey @peterlee34567,

DDoS attacks

It’s worth noting that DigitalOcean provides some protection against DDoS attacks by default, using a combination of firewall rules, rate limiting, and network-level DDoS protection provided by their upstream providers. However, this protection may not be sufficient to handle very large or sustained DDoS attacks.

In terms of financial protection, DigitalOcean has a system in place to help protect customers from excessive bandwidth charges resulting from DDoS attacks. If your Droplet is the victim of a DDoS attack, DigitalOcean will automatically place a network ingress limit on your Droplet to help prevent additional charges. The ingress limit will block all incoming traffic except for that which is explicitly allowed by your firewall rules. This means that your website or application may be temporarily unavailable during the attack, but you won’t be charged for the excess bandwidth.

It’s important to note that this protection only applies to DDoS attacks, not to other types of attacks such as DoS attacks or application-layer attacks. Additionally, this protection only applies to the bandwidth charges associated with the attack; any charges related to the resources used by your Droplet (e.g. CPU or disk usage) will still apply.

For additional protection against DDoS attacks, you may want to consider using a third-party DDoS mitigation service like Cloudflare. Cloudflare provides advanced DDoS protection and can help mitigate attacks before they reach your DigitalOcean Droplet. They also offer additional security features like a web application firewall (WAF) and content delivery network (CDN) that can help improve the performance and security of your website or application.

DoS attacks

To protect against DoS attacks, you should consider implementing measures such as rate limiting and traffic shaping on your application, or using a third-party security service that specializes in DoS protection. Some web application firewalls (WAFs) also have features specifically designed to prevent DoS attacks.

As for Bandwitdh as mentioned if there is a lot of traffic over your network DigitalOcean would limit that however you need to put in place measures for that as well such as rate limiting and traffic shaping on your application, or using a third-party security service that specializes in DoS protection.

It’s worth noting that while DoS attacks can be disruptive and frustrating for users, they generally do not result in the same level of financial impact as DDoS attacks. This is because a DoS attack is usually carried out using a single device or network, and is therefore unlikely to generate excessive bandwidth charges.