My Google Compute Engine committing DOS attack

Posted 2019-09-21 04:38

Question:

I got the following from Google: This project appears to be committing denial of service attacks.

The VM is running Ubuntu 16.04 with latest updates, Apache, PHP 7.0, MySQL 5.7 and Docker.

I would like to know what to look out for to mitigate this please.

Answer 1:

I'm leaving here some interesting resources you can check to secure your Google Compute Engine instance:

  • Ubuntu SSH Guard manpage
  • ArchLinux SSH guard guide (guides you through installation and setup)
  • Apache hardening guide from geekflare
  • PHP security cheatsheet from OWASP
  • MySQL security guidelines

General security advice for Google Cloud Platform instances:

  • Set user permissions at project level.
  • Connect securely to your instance.
  • Ensure the project firewall is not open to everyone on the internet.
  • Use a strong password and store passwords securely.
  • Ensure that all software is up to date.
  • Monitor project usage closely via the monitoring API to identify abnormal project usage.

To diagnose trouble with GCE instances, serial port output from the instance can be useful.

  • You can check the serial port output by clicking on the instance name and then on "Serial port 1 (console)". Note that these logs are wiped when instances are shut down and rebooted, and the log is not visible when the instance is not started.

  • Stackdriver monitoring is also helpful to provide an audit trail to diagnose problems.

Here are some hints you can check on keeping GCP projects secure.
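
As an added example (not part of the original answer), the firewall item in the list above can be checked with a short script over the JSON that `gcloud compute firewall-rules list --format=json` prints. The sample rules and the admin-port list (SSH, MySQL, Docker API) are constructed assumptions chosen to match the stack in the question.

```python
import ipaddress
import json

# Constructed sample in the shape printed by
# `gcloud compute firewall-rules list --format=json` (not from the original post).
SAMPLE_RULES = json.loads("""[
 {"name": "default-allow-ssh", "direction": "INGRESS", "sourceRanges": ["0.0.0.0/0"], "allowed": [{"IPProtocol": "tcp", "ports": ["22"]}]},
 {"name": "allow-web", "direction": "INGRESS", "sourceRanges": ["0.0.0.0/0"], "allowed": [{"IPProtocol": "tcp", "ports": ["80", "443"]}]},
 {"name": "allow-dev-range", "direction": "INGRESS", "sourceRanges": ["0.0.0.0/0"], "allowed": [{"IPProtocol": "tcp", "ports": ["2000-4000"]}]},
 {"name": "office-ssh", "direction": "INGRESS", "sourceRanges": ["203.0.113.0/24"], "allowed": [{"IPProtocol": "tcp", "ports": ["22"]}]},
 {"name": "old-allow-all", "direction": "INGRESS", "disabled": true, "sourceRanges": ["0.0.0.0/0"], "allowed": [{"IPProtocol": "all"}]}
]""")

# Assumed list of ports that should not face the whole internet on the stack
# in the question; 80/443 are expected to be public for Apache.
ADMIN_PORTS = {22: "ssh", 3306: "mysql", 2375: "docker-api", 2376: "docker-api-tls"}

def is_world_open(rule):
    """True for an enabled ingress rule whose source covers every address."""
    if rule.get("disabled") or rule.get("direction", "INGRESS") != "INGRESS":
        return False
    return any(ipaddress.ip_network(r, strict=False).prefixlen == 0
               for r in rule.get("sourceRanges", []))

def exposed_admin_ports(rule):
    """Admin ports reachable through one rule, expanding ranges like '2000-4000'."""
    hit = set()
    for allow in rule.get("allowed", []):
        if allow.get("IPProtocol") not in ("tcp", "all"):
            continue
        for spec in allow.get("ports") or ["0-65535"]:  # no port list = every port
            lo, _, hi = spec.partition("-")
            hit.update(p for p in ADMIN_PORTS if int(lo) <= p <= int(hi or lo))
    return sorted(hit)

def audit(rules):
    """Map rule name -> admin ports that rule opens to the whole internet."""
    found = {r["name"]: exposed_admin_ports(r) for r in rules if is_world_open(r)}
    return {name: ports for name, ports in found.items() if ports}

if __name__ == "__main__":
    for name, ports in audit(SAMPLE_RULES).items():
        print(name, [f"{p}/{ADMIN_PORTS[p]}" for p in ports])
```

Rules it reports are candidates for narrowing `sourceRanges` to known addresses; the disabled rule and the public web rule are deliberately not flagged.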