This weekend I received an email from Google Cloud warning me that my project would be suspended due to a possible policy violation due to a Denial of Service (DoS). After looking at the logs, I realized that when I generated my HTTPS certificate I had a sudden surge of outgoing network bandwidth usage.
I'm installing a mail service on my VM called Carbonio CE. Carbonio provides me with a CSR, which I first tried to use to get my certification from gethttpsforfree.com, which I know it's a good source. It failed before completing the process, though - I had run the DNS challenge at this point. Then, I realized Carbonio has a tutorial on their website to generate a free HTTPS certificate using Let's Encrypt. I follow their tutorial. It failed due to a fixable problem, which I did and it worked.
I didn't realize the network bandwidth usage had spiked at this point, and I just let it be. Fast-forward to yesterday, and I get a GCP notification and a very angry client email asking what the hell was going on.
I immediately shut down the VM and contacted GCP's Compliance Department. Today I shut all ports I had opened per Carbonio's requirement except HTTPS. So far it's all looking ok, although GCP's Compliance bot seems adamant about suspending my project.
Any ideas on what caused the issue, and how might I solve it?
Thank you in advance!
