DDOS attack mitigated
Hello everyone, my nodeJS app was recently attacked by DDOS, and luckily cloudflare has stopped this attack.
after looking at the user IP I was able to pinpoint the culprit and took a look at the user's activity.. but I could not deduce anything, he looks clean. as if they did not do anything.
I need your help educating me how I can make respond properly to this incident. they are a legit paying customer and it would not be fare to ban them after they've payed...
can someone provide me with proper tips to respond to this?
4 Replies
If I may ask, how is it you have identified the user that you specify in your question?
Just send them a warning via email. Whem it happens again, send a mail βaccount at riskβ. On the thord time terminate the contract and user account
recently attacked by ddos able to pinpoint the culprit looks cleanwhat?
I keep logs of IPs and userIDs
that's the weirdest part... this dude was paying and everything
It could be that their account was hacked and used in a different location