DDoS Attack

Distributed Denial-of-Service (DDoS) attacks are a type of cyber-attack in which bad actors overwhelm servers, routers, load balancers, or applications with incoming connections to render them inaccessible.

DDoS attacks effectively compromise the target server, service, or network to crash it or make it unavailable.

A reflection amplification attack is a type of DDoS attack where attackers magnify the amount of traffic generated in order to overwhelm the target and disrupt or shut down systems and services.

We restrict some Droplet network traffic to help protect them against malicious actions, like reflected DDoS attacks. We know these current restrictions also prevent functionality like configuring direct server return and using Droplets as routers and site-to-site VPN gateways. Future changes to our network supports this functionality. Until then, you can work around this limitation by using a VPN mesh network or overlay network.

DDoS Attack Articles

We temporarily trigger a blackhole when a DDoS attack against a resource reaches a mitigation limit. We recommend contacting support and planning strategies to keep your resources online in the future.
Use DigitalOcean’s recovery ISO with the Recovery Console to regain access to and perform data recovery operations on your Droplet, like getting access to an interactive shell, running fsck, or chrooting into the system.