In this new installment we’re going to take a look at a list of tips to improve and optimize a SmartFoxServer 2X deployment.
The list is organized in several categories starting at the higher level of your application and proceeding towards the lower level setting of the server. Completing this process will help make a more secure and efficient deployment of your game server.
» Zone Level settings
Let’s open the server’s AdminTool by pointing a browser to http://<ServerIP>:8080/admin and select the Zone Configurator module from the main menu on the left side.
- Remove unused Zones: during development it is easy to create various Zones for testing and other purposes but when we publish our application it would be much better to deploy only the Zones that are strictly necessary. Make sure to remove the unwanted Zones, including the default BasicExamples shipped in every copy of SmartFoxServer.
- Fine tune the variables and room settings: now select your application Zone(s) and for each of them make sure that these settings are setup correctly and according to the application requirements. This will secure the server from spamming attempts:
- Max number of Rooms: is there a sensible limit to the number of Rooms that can be created in your game? If so you can set it. This way you will avoid spam attempts.
- Max Rooms per User: how many Rooms is a player allowed to create at once?
- Max number of Room Variables: if the game uses RoomVariables how many variables should be allowed for each Room?
- Max number of User Variables: if the game uses UserVariables how many variables should be allowed for each User?
From the same AdminTool section you will also find a host of other minor settings that you may be interested in fine tuning.
- Block requests that are not used by the application: the server API provides a considerable amount of requests that the client can send, but not all of them are typically useful or necessary in every application.
For instance if you don’t allow clients to directly create Rooms from client side you should turn off the Request so that the server will refuse any such calls, even if sent by a forged client.
Also you may want to define different sets of privileges for User that can perform certain requests and others that can’t. For this task you can configure the Privilege Manager in your Zone and fine tune each User profile to allow or deny specific requests.
For more details on this topic you can consult the documentation.
- Setup anti-flood filters: these filters allow to mitigate spam attacks from malicious clients. You can define the maximum frequency per second that each request is allowed from any User. For example you could limit each user to send one private or public message per second, whereas an attacker would likely attempt to send hundreds of them. Additionally the system can be configured to auto-kick and auto-ban spammers.
» Server Level settings
Now we can move to the more general server level (AdminTool > Server Configurator) and review the the following settings:
Stats extra logging: if you plan to dig into the server’s activity and analyze the traffic metrics via the Analytics module, we highly recommend to turn this feature on. Also you might be interested in scheduling the log analysis by activating it in the relative tab.
Cross domain policy: if you’re working with Flash and/or Unity Web Player clients you will need to harden the cross domain policy so that only clients served from your domain(s) are allowed to connect to SmartFoxServer. By default the standard policy file coming with SmartFoxServer allows any client from any domain. Make sure to edit the file in the SFS2X/config/ folder, or create your own and point the server to it via the specific tab in admin module above.
Admin accounts: once in production you will probably have one or more admins and moderator accessing the server’s AdminTool. Make sure to create different accounts for different roles and setup each account’s privileges accordingly, under the Remote Admin tab.
Custom JVM settings: if your deployment requires it you can pass additional JVM parameters that are used at startup, such as JVM memory settings, garbage collection options and more…
All the above settings are further documented here if you need more details.
» Core Level settings
There are a couple of lower level settings that we want to discuss and that are available by editing the SFS2X/config/core.xml file.
- maxIncomingRequestSize: this is the largest size for a single incoming request. By default SmartFoxServer allows a pretty large size, 2 MBytes, but typically requests in game servers are much much smaller than that. Normally you could expect the average request to be no bigger than a few KBytes, and if you’re a bit of a security paranoid you will want to lower this value according to your application characteristics. Keep in mind this is only from client to server. The other way around has not limits.
- sessionPacketQueueSize: this is the size of the queue used by the server to park each User’s outgoing packets should the network pipe be already busy. In other words if the client is not keeping up with the server’s message rate the new packets will be held in the queue until the client is available to receive new data. By default each User’s queue can hold 120 packets. You may need to adjust this value if your game sends a very high packet rate to help slower clients.
» OS Level settings
Finally there is one last OS level setting that you need to keep in mind if you’re deploying on a Linux / Unix operating system, the maximum file descriptor setting. In Unix this value controls also the limit of open sockets and therefore it is very important for SmartFoxServer to operate correctly, especially for large traffic.
We recommend reading this external article to learn how to configure the descriptor’s limit.