Question

Will DOS attack cause a big bill for me?

Hello I am new to DO and I have MERN application with droplet and MongoDB. I am a bit worried about DOS attack would trigger a very large bill to my account. could anyone shed some lights on this? Is there any protection from DO for such DOS attack from financial point of view? As for DDOS, I saw that DO doesn’t have anything and Cloudflare is recommended.


Submit an answer


This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

alexdo
Site Moderator
Site Moderator badge
April 6, 2023

Hello @peterlee34567

DDoS attack should not affect your bandwidth allowance, and this is essentially inbound traffic. Inbound bandwidth to droplets never counts against your Spaces transfer allowance, according to the documentation here:

https://docs.digitalocean.com/products/billing/bandwidth/#droplets

Hope that this helps!

alexdo
Site Moderator
Site Moderator badge
April 6, 2023

Hello @peterlee34567

DDoS attack should not affect your bandwidth allowance, and this is essentially inbound traffic. Inbound bandwidth to droplets never counts against your Spaces transfer allowance, according to the documentation here:

https://docs.digitalocean.com/products/billing/bandwidth/#droplets

Hope that this helps!

KFSys
Site Moderator
Site Moderator badge
April 6, 2023

Hey @peterlee34567,

DDoS attacks

It’s worth noting that DigitalOcean provides some protection against DDoS attacks by default, using a combination of firewall rules, rate limiting, and network-level DDoS protection provided by their upstream providers. However, this protection may not be sufficient to handle very large or sustained DDoS attacks.

In terms of financial protection, DigitalOcean has a system in place to help protect customers from excessive bandwidth charges resulting from DDoS attacks. If your Droplet is the victim of a DDoS attack, DigitalOcean will automatically place a network ingress limit on your Droplet to help prevent additional charges. The ingress limit will block all incoming traffic except for that which is explicitly allowed by your firewall rules. This means that your website or application may be temporarily unavailable during the attack, but you won’t be charged for the excess bandwidth.

It’s important to note that this protection only applies to DDoS attacks, not to other types of attacks such as DoS attacks or application-layer attacks. Additionally, this protection only applies to the bandwidth charges associated with the attack; any charges related to the resources used by your Droplet (e.g. CPU or disk usage) will still apply.

For additional protection against DDoS attacks, you may want to consider using a third-party DDoS mitigation service like Cloudflare. Cloudflare provides advanced DDoS protection and can help mitigate attacks before they reach your DigitalOcean Droplet. They also offer additional security features like a web application firewall (WAF) and content delivery network (CDN) that can help improve the performance and security of your website or application.

DoS attacks

To protect against DoS attacks, you should consider implementing measures such as rate limiting and traffic shaping on your application, or using a third-party security service that specializes in DoS protection. Some web application firewalls (WAFs) also have features specifically designed to prevent DoS attacks.

As for Bandwitdh as mentioned if there is a lot of traffic over your network DigitalOcean would limit that however you need to put in place measures for that as well such as rate limiting and traffic shaping on your application, or using a third-party security service that specializes in DoS protection.

It’s worth noting that while DoS attacks can be disruptive and frustrating for users, they generally do not result in the same level of financial impact as DDoS attacks. This is because a DoS attack is usually carried out using a single device or network, and is therefore unlikely to generate excessive bandwidth charges.

Try DigitalOcean for free

Click below to sign up and get $200 of credit to try our products over 60 days!

Sign up

card icon
Get our biweekly newsletter

Sign up for Infrastructure as a Newsletter.

Sign up
card icon
Hollie's Hub for Good

Working on improving health and education, reducing inequality, and spurring economic growth? We’d like to help.

Learn more
card icon
Become a contributor

You get paid; we donate to tech nonprofits.

Learn more
Welcome to the developer cloud

DigitalOcean makes it simple to launch in the cloud and scale up as you grow – whether you’re running one virtual machine or ten thousand.

Learn more ->
DigitalOcean Cloud Control Panel