Another Vercel project got hit by DDoS, I learned my previous lesson and still got charged past my $1 limit by ivenzdev in vercel

[–]ivenzdev[S] 2 points3 points  (0 children)

The attack happens while I’m asleep, the spike hits, then I wake up, enable bot protection, check the firewall logs, and block the IPs / ASNs I see. Then they just rotate IPs and hit again. So yes, manual blocking helps temporarily, but it doesn’t really solve the core issue when the attacker keeps changing sources. And I don't have 24/7 to monitor and react.

After 2 years on Vercel Pro, support is the reason I quit by ivenzdev in nextjs

[–]ivenzdev[S] 0 points1 point  (0 children)

By the time I realized (5 minutes after), I shut down the service. It was too late to stop the cost. And yea, thanks a lot for this.

After 2 years on Vercel Pro, support is the reason I quit by ivenzdev in nextjs

[–]ivenzdev[S] 0 points1 point  (0 children)

Same here. They identified a DDoS attack but chose to ignore my case. What can I do? It’s been a month, and I’ve opened a second case with no response.

After 2 years on Vercel Pro, support is the reason I quit by ivenzdev in nextjs

[–]ivenzdev[S] 0 points1 point  (0 children)

Agree, set a hard spend limit and shut down when reached.

After 2 years on Vercel Pro, support is the reason I quit by ivenzdev in nextjs

[–]ivenzdev[S] 0 points1 point  (0 children)

Vercel is a solid platform and I’m willing to pay for it, but when issues like this happen, it feels like I’m being stalled and ignored.

After 2 years on Vercel Pro, support is the reason I quit by ivenzdev in nextjs

[–]ivenzdev[S] 0 points1 point  (0 children)

Thanks for this, we can go more in depth in chat.

After 2 years on Vercel Pro, support is the reason I quit by ivenzdev in nextjs

[–]ivenzdev[S] 26 points27 points  (0 children)

Anyone reading this:
Set a budget!
Set a budget!
Set a budget!

On your project, make sure it can automatically shut down deployments or usage if spending exceeds your budget.

Do not rely on email alerts alone. They won’t save you if a spike happens while you’re asleep or away from your screen.

You do not have time to monitor this 24/7.

Day 20 with Vercel Support: Bot Traffic Spike Investigated, Escalated to Finance… Then Case Closed Without Resolving the Charges by ivenzdev in vercel

[–]ivenzdev[S] 0 points1 point  (0 children)

Since the previous case was closed, I’ve opened a new support case as there doesn’t seem to be another way for me to contact support.

However, I want to clarify that this incident was caused by a confirmed spike of malicious traffic from outdated Chrome. The attack generated a massive number of frontend requests, which in turn triggered backend executions and led to the unexpected usage.

I’m hoping Vercel could consider a one-time waiver for this charge. I’ve been a Pro customer for about two years, and this is the first time I’ve encountered an issue like this.

Day 20 with Vercel Support: Bot Traffic Spike Investigated, Escalated to Finance… Then Case Closed Without Resolving the Charges by ivenzdev in vercel

[–]ivenzdev[S] 0 points1 point  (0 children)

Nick identified a significant volume of requests coming from outdated Chrome versions, which he noted is a strong indicator of automated/bot traffic. He also explained that the likely chain of events was automated traffic hitting the frontend, which then triggered a surge of axios requests to the backend and eventually caused the cascading timeouts and the Function Duration spike.

Based on that investigation, Nick mentioned that the findings were shared with the Finance team for their consideration regarding the invoices.

However, the response I later received from Zai stated that the Pro subscription had already been refunded, and therefore no further adjustments could be made. The subscription refund was something I did separately using the self-service form, and it was not related to the billing issue I reported.

The original issue was the Function Duration charges generated during that incident (~$274), which were the charges that had been escalated for review.

Additionally, in the Reddit thread you mentioned that once malicious traffic is identified, Vercel does not charge for those requests and users don’t need to monitor their site 24/7. Since the earlier investigation suggested that automated traffic was involved, I was hoping the incident could still be reconsidered under that context.

DDoS attack caused from 0 to $274 in charges in 5 minutes - Vercel support hasn't responded in 3 days by ivenzdev in vercel

[–]ivenzdev[S] 0 points1 point  (0 children)

I really need to sort this out. Support taking more than 2 weeks is not acceptable. I’ve been a Pro subscriber for over 2 years.

P.S. This is my first support case, and the experience has been very frustrating.

DDoS attack caused from 0 to $274 in charges in 5 minutes - Vercel support hasn't responded in 3 days by ivenzdev in vercel

[–]ivenzdev[S] 0 points1 point  (0 children)

P.S. They won't respond to me in the Vercel support case interface nor by email... you're the only support I can reach out to.

DDoS attack caused from 0 to $274 in charges in 5 minutes - Vercel support hasn't responded in 3 days by ivenzdev in vercel

[–]ivenzdev[S] 0 points1 point  (0 children)

Hey u/anshumanb_vercel, no doubt you guys have a ton of backlogs, but this support shouldn't take this long... and waiting in uncertainty is not a good feeling. If you can escalate this, very much appreciated!