How to protect against abusive requests ?

Post here your questions about SFS2X. Here we discuss all server-side matters. For client API questions see the dedicated forums.

Moderators: Lapo, Bax

Basto
Posts: 4
Joined: 11 Oct 2020, 07:18

How to protect against abusive requests ?

Postby Basto » 09 Jul 2021, 15:55

Hello.

Actually I have a system in my unity game to reset the account password.

But if the user click on the button 300 times, there will be 300 emails sended.
What can I do to protect the server againts this type of 'attack' ?

And what can I do to protect the server against people really attacking it by sending a lot of requests ?

And another question, is there any 'Change email/password' system ?

Thank you.
User avatar
Lapo
Site Admin
Posts: 22999
Joined: 21 Mar 2005, 09:50
Location: Italy

Re: How to protect against abusive requests ?

Postby Lapo » 09 Jul 2021, 17:03

Hi,
for the specific question of spamming a button in the game UI, a cooldown or a counter could be used.
With a counter you can keep track of how many times a button has been pressed in the same session and limit the number of requests.

A cooldown instead works by disabling the button after a press for a certain amount of seconds/minutes and re-enables it at the end of the timer. Both approaches can be used, even together and they are pretty simple to implement.

As regards how to protect from attacks I recommend the Security Whitepaper from our whitepaper section in the docs:
https://www.smartfoxserver.com/download ... curity.pdf

It explores many different types and levels of attack, including flooding and how to protect against them.

Hope it helps
Lapo
--
gotoAndPlay()
...addicted to flash games

Return to “SFS2X Questions”

Who is online

Users browsing this forum: No registered users and 41 guests