Antiflood for variable updates.

Need help with SmartFoxServer? You didn't find an answer in our documentation? Please, post your questions here!

Moderators: Lapo, Bax

User avatar
marsoups
Posts: 167
Joined: 14 Apr 2008, 03:30

Antiflood for variable updates.

Postby marsoups » 04 Jun 2014, 13:27

Hi,

Is there any way to prevent DOS attacks / flooding caused by rapidly setting user variables ? There are players trying to make our game a misery and so far as I know, the antiflood system is only related to chat systems.

I know one answer would be to check times and expected times for requests, but in the case of public user variables, there is no hook to verify the actions with this version of Smartfox. Can anyone recommend anything that would help solve this issue and ban users that are flooding the rooms as this is crashing the game and we are losing players due to this.
User avatar
Lapo
Site Admin
Posts: 23008
Joined: 21 Mar 2005, 09:50
Location: Italy

Re: Antiflood for variable updates.

Postby Lapo » 06 Jun 2014, 10:35

In SFS2X there's a more advanced system to fight back this issues, which allows to configure each request with custom params for anti-flooding: the interval between requests, and the max requests before a warning is issued. Multiple warnings will result in prolonged banning.

In SFS1 you can work similarly but you will have to write some server side logic.
Here are the steps:

1- Disable the requests that you don't want the client to be able to access directly via this XML in your config

Code: Select all

<DisabledSysActions>
  <action>...</action>
  <action>...</action>
</DisabledSysActions>


More on this here: http://www.smartfoxserver.com/docs/1x/i ... _1.4.0.htm

2- Send the parameters for your previous request (e.g. SetUserVariables) to your Extension instead:
here you will be able to add custom validation for the amount and frequency of requests that you are getting from a user and block DOS attacks.

3- Execute the actual request from server side
By calling the server side API directly (e.g. SetUserVariables)

Many examples can be found here:
http://www.smartfoxserver.com/docs/1x/d ... okBook.htm
Lapo
--
gotoAndPlay()
...addicted to flash games

Return to “SmartFoxServer 1.x Discussions and Help”

Who is online

Users browsing this forum: No registered users and 48 guests