Digital Ocean blocked my account

[ugly_munchkin]

Digital Ocean blocked my account. They said my "deployment and actions were in violation of our Terms of Service" which is remarkable because all I did was create a single droplet and run a basic setup script on it. The next day — blocked, shut down, deleted. No warning, no explanation, no appeal.

Their Terms of Service allows them to delete your servers, your data, everything — at any time, for any reason, including none at all. The tiniest perceived risk to them outweighs any amount of loss to you. They won't tell you what you did wrong. They won't give you time to retrieve your data. They just delete everything and wish you well finding another provider. Here is their response when I asked for an explanation:

Hello,

Greetings from DigitalOcean!

Thanks for reaching out, my name is Raveel from DigitalOcean Support.

We reviewed the information you have shared with us so far and we have come to the conclusion that your deployment and actions were in violation of our Terms of Service Agreement [1] and Acceptable Use Policy [2] and as a result, we are unable to remove the lock from your account.

I sincerely apologize for any inconvenience caused by this.

Additionally, please note that we're unable to share details regarding what factors we considered that led to this decision or how we came to this conclusion as this is critical to maintaining the integrity of our platform security operations.

You can review our Terms of Service agreement and Acceptable Usage policy here

[1] Terms of Agreement: Legal - Terms of Service Agreement (digitalocean.com) [2] Acceptable Usage Policy: Legal - Acceptable Use Policy (digitalocean.com)

We recommend you find a new service provider that better suits your needs as our security tooling would consider these actions when you sign up again resulting in account locks and termination of linked accounts during manual platform-wide reviews.

If you still feel this is in error we request you to share detailed information about you, your business, and your deployment with us so that we can take your explanation into further consideration and contextually analyze it with information we have on file with us to review this decision.

If you have any questions or concerns, feel free to reach out.

Warm Regards,

Raveel Associate Customer Advocate DigitalOcean Support

[Natone]

This kind of thing isn’t that uncommon. A lot of providers rely on automated flags, and once you get caught in that, it’s hard to get any real explanation. Probably worth trying another provider and keeping backups somewhere else so you’re not stuck if it happens again.

[soulchild37]

Are you using a newly issued card to pay for the servers? (or a prepaid card). Reddit has several threads like this, and a common issue is using a newly issued card to pay, which DigitalOcean might classify it as a fraudulent card.

[andymegacreep]

damn, that’s rough. The no warning / no explanation part is the worst.

stuff like this is why i’ve started leaning more toward things i actually control, self-hosting when possible, or at least keeping setups easy to move around. getting locked into one provider can bite you out of nowhere.

doesn’t help your situation now, but it definitely makes future hits like this less painful. Hope you didn’t lose anything important.

[sattoshi]

> run a basic setup script on it

What was the script?

[ugly_munchkin]

OS update, Remove unnecessary services, Harden SSH, Set up firewall, Install fail2ban,

that's all.

[MegagramEnjoyer]

This is what you call enshitification. DO used to be my goto many years ago.

[journal]

use something else

[segmondy]

so? go to a different provider, or even better, self host.

[ugly_munchkin]

self host: the entire purpose is to get stuff off my machine for disaster recovery. different provider: limited options, they all play the same tricks, and pre-payment is essential to avoid bank payment failure risks (who also pull the same tricks)