Before you setup your server on DigitalOcean...

Just found that one of the test domains I had on DigitalOcean got hacked; and after lot of troubleshooting and attempts to find the root cause, it's apparent that the problem lies with DigitalOcean! Someone tricked the DigitalOcean's 'Network' to alter the domain mapping; and apparently it wasn't very difficult to do so.

I'd not say I'm totally against DigitalOcean. I use them to setup test servers and once the job is done, I destroy the droplet. However, if you are thinking about hosting your business website on DigitalOcean; I'd suggest that you should think again. Are you a server admin Ninja? Do you love troubleshooting servers? If your answer is yes, go with DigitalOcean. The rest - there are a LOT of good (if not better) choices available in the market.

Over the past decade of running online venture, I can tell you with full confidence that recovering a hacked website or domain isn't pleasant or fulfilling at all. The process is often painful and you're not sure till you recover the last bit of your data.

If you are a tech startup - invest in a web host that offers you rock solid support. Every 'extra' penny you think you're spending on them would be worth it when things go wrong.

Replies

  • Ashish Nanda
    Ashish Nanda
    Hi Kaustubh,

    I have been using Digital Ocean for a long time now to host websites, test websites, run tunnels and well a lot more and I have faced many types of attacks (DOS and Bruit force being the most common). The most awful issue I ever faced was the server shutting down due to CPU usage going to 140% ...

    I am not questioning your capabilities but looks like there might have been a loophole during your setup which someone exploited (probably a bot trying different usernames and passwords). I use SSH keys as it becomes almost impossible for the hacker to intercept your session or try any bruit force...

    Do let me know the details for the same, it might help me secure my servers better 😀
  • Kaustubh Katdare
    Kaustubh Katdare
    #-Link-Snipped-# - It's not a question of capability. DigitalOcean's own system can be tricked as well - and I'm pretty sure that was the main hack in my case. All I had on the droplet were few static files and I'd be okay even if the hacker gained complete control of the droplet.

    I'm confident that DigitalOcean must have fixed the issue by now; which is beyond the control of any of their customer.

You are reading an archived discussion.

Related Posts

Hi my GRE score is 328, m perusing btech in automobile. I have applied for masters in automobile at university of Michigan, Georgia tech, Clemson nd university of Pennsylvania. Which...
hey!! good to read your blog... i am an IT engineering student persuing my degree. To b specific in 2 yr of engineering... i took admission in engineering frm parents...
Engineers at the Columbia University, New York have achieved a breakthrough in wireless communication that allows doubling of Wi-Fi capacity on nanoscale silicon chip while using a single antenna. Just...
The yet to be announced officially, YU Yureka Note YU6000 smartphone, has reportedly been spotted, at some offline segments in the country suggesting complete specifications at a price of Rs....
If like me, you're more inclined towards web-minimalism and instead of pasting the tediously longish permalink, prefer to go with one of the many popular URL shortening tools, you might...