Issues with Spotipo installs being apart of a DDOS attack



  • We are running into issues using Spotipo on the marketplace on Digital Ocean using their install, and even manually creating an Ubuntu droplet and installing it from your repository. These are blank installs that are not even fully configured yet.

    Digital Ocean is disabling networking on the droplet and flagging it for contributing data to a DDOS attack. Attached below is what they are telling us.

    Any ideas what could be causing this?

    Untitled.png



  • @Tyl_PSC Sorry to hear that, do you know what kind of traffic pattern is created?

    As such spotipo doesn't create any outgoing traffic, if you could provide some more details. I am happy to investigate further



  • Here is the entire email. Can you provide any alternate cloud hosting options for us to try?

    Hi,

    We are writing to let you know that your Droplet Spotipo at 159.203.105.211 has been disconnected from the network after it contributed 1.6 Gbps to a 31.3 Gbps Distributed Denial of Service attack. The network traffic from your Droplet matches a pattern of malicious traffic originating from other Droplets targeted at a specific victim. We understand how disruptive this may be to your work; however, it was critical for us to disconnect your Droplet to reduce further harm.

    Your path to resolution will be influenced by how you use Spotipo, your technical expertise, and/or your time available for investigation.

    Path 1 - If Spotipo does not collect or contain any data you need to preserve, we suggest destroying this Droplet and starting over. This is the most straightforward way to get back up and running. Please note, you will still be billed for your Droplet usage, even in a network disconnected state.

    Path 2 - If Spotipo stores data you need to recover, please follow our recovery checklist on https://www.digitalocean.com/docs/droplets/resources/recovery-iso/ before destroying this Droplet and starting over.

    Path 3 - If you are confident in your technical ability and want to troubleshoot, identify, and triage the problem on your own, we do have a resource available at https://www.digitalocean.com/docs/droplets/resources/ddos/ that includes some suggestions.

    Let us know once you have completed your resolution path and we will provide any applicable follow-up.

    Best,
    DigitalOcean Security

    ref:_00Df218t5m._500f21Ptqoa:ref



  • @Michael-Strain Did you install Spotipo via market place?

    You can find the generic install guides that's suitable for all providers in https://docs.spotipo.com/category/l9rbblrayd-install-spotipo



  • Yes, it was installed from the marketplace. I tried again last night and so far so good.


Log in to reply
 

});