[nubinetwork]

> You will be charged up to 20% based on your total monthly resource usage covered by DDoS Protection with a total monthly maximum of $1000/mo.

I get that someone has to pay for this, but if I had 50 servers here and they all got shit on, I'd be on the hook for a lot of money through no fault of my own.

[robbiemitchell]

That’s pretty much how insurance works. This is a 20% fee for DDoS insurance.

[belter]

AWS has an (expensive) option with DDoS cost protection.

https://aws.amazon.com/shield/features/#AWS_Shield_Advanced

[johnklos]

They gotta get more money from all the scammers they host somehow.

[stevenicr]

I partially wanted to LOL this. Realized that's not a thing for HN. Thought that this will likely be downvoted because HN.

Then I thought, what a great way to tax the spammers / hackers that use DO!

I would gladly pay the $5 ddos fee to hammer the ips that keep trying to login to my wordpress sites.

just kidding, I would not actually do that.. but the thought is pleasant.

I've used DO many times and I am a fan btw - just looked back at their pricing page a couple days ago considering spinning up a droplet to self host a git thing.

[stevenicr]

not sure if I was clear enough for the downvoters to get it, ddos the ips and have DO charge the spammers / hackers a fee is the point..

Not that I advocate for ddos - I think it's a terrible thing, and I've been through it a few times.

DO and OVH are my most blocked ip blocks on several servers. I also get some hetzner and aws and microsoft blocks a lot among others sure.

Interesting that I just launched a brand new WP on a brand new domain, and in less than 24 hours half of the hack attempts are from DO ips.

You could lecture me about reporting and blah blah. I've been down those roads spending literal months doing that. With DO's cheap boxes and rotating IPs it's not worth it, I just block the entire CIDR every time, today it's 157.245.0.0/16 and 174.138.0.0/17

If DO was serious about stopping these abuses they would offer a WP plugin or opt-in setting that could check data from wordfence and similar and easily see which of their boxes are being used to hack into sites, all this could be automatic, without the form filling and delays that are required.