[Idea] Protect Your Server From DDOS!

[Endriuska]

Recently all the servers are being attacked within 1-2 to days from the opening, which kind of sucks, but you can't do anything about it.

I was trying to think a good way to protect the server, and maybe the way to go would be to allow players to access the server only after the IP is added to the "Allowed IP List" ?

1. When you register - your IP is automatically added to the allowed list. Plus a section on the webpanel to add the IP.

2. Ability to add IP when launching the game, for example, you run the game launcher window opens with the HTML code embedded(as most of the launcher work right now), there would be captha - you enter correct "string" and it would add the IP to the allowed list.

3. Add IP "on launcher open" - it would send a string or a packet to the server with the existing IP.

Just few ideas for someone that is look to develop something for the community.

GL! :)

[MentaL]

[EliteBattle]

simple just ban ip country that you think which one is the most attacker server.

[Endriuska]

Well, this is one of the solutions. We all know it comes from polish people, but there would be lots of players from poland who would like to play... so this is not really an option...

[KarLi]

the thing u cant do with is cus of proxy users . .
Posted via Mobile Device

[jajczan]

Yeeee This forum have a lot of coders etc, but rly nothing can be done ?
Now we have only server with VIP webshops and dunno exp for kids like 9 years old.
Many good servers ( with good config and people who want make everyday more ) go down by DDos.
Any solution?
Wanna see a picture of this gAY who DDosing REFUGE, MUKINGS, and a lot of more everyday ?
JPG from FACEBOOK

Who wanna kick ass of him ?

83.24.209.150
drx150.neoplus.adsl.tpnet.pl

Name: Marcin zielak Street: Brata zebrowskiego 4/2 07-ostroleka
Login RZ : Zielak300

GaduGadu: 12919389
Email: marcinek90ostroleka@o2.pl

[EliteBattle]

the thing u cant do with is cus of proxy users . .
Posted via Mobile Device

if you with muguard premium i'm sure it's can be block proxy ip to not connect into server.

Yeeee This forum have a lot of coders etc, but rly nothing can be done ?
Now we have only server with VIP webshops and dunno exp for kids like 9 years old.
Many good servers ( with good config and people who want make everyday more ) go down by DDos.
Any solution?
Wanna see a picture of this gAY who DDosing REFUGE, MUKINGS, and a lot of more everyday ?
JPG from FACEBOOK

Who wanna kick ass of him ?

Thx for post , i guess i will have to block this IP as well :P

[[RCZ]ShadowKing]

Two things to say
1. You can't block proxy unless you get a list of all available proxy servers(there are services that help you with that for a monthly payment)
2. DDOS can't be stopped by any software because eventually your server will run out of resources, its just a matter of time(usually 1-2 minutes).

So the only thing you can do to protect your server(assuming you don't have tons of money to buy equipment) is to be friendly with hackers and go with big companies that can fight amateur DDOS(from what I know OVH is doing a very good job).

[Ytys Vynsan]

buy a hardware firewall and a load balancer.. Simple, no software protects against it.

Ideal set up

Server > firewall > load balancer with 2+ 100mbit+ connections, if possible 1gbit, and a decent webhost for your site and forum.

Simple, now stop creating these threads, you all know how to stop it, spend money on hardware
Posted via Mobile Device

[Intelligence]

I suggest, ask those developers who developed servers that are in top 1-5 (in gtop or extremetop) because they are the developers who knew how to protect their server and run until they can.
+ I think, in this section professional developers doesn't actually share their ideas how to protect their servers that's why, means 'selfish'. (NO OFFENSE)

[Bakuya]

top 1-5 (in gtop or extremetop

They are the ones flooding :)))

[sgtemu]

Recently all the servers are being attacked within 1-2 to days from the opening, which kind of sucks, but you can't do anything about it.

I was trying to think a good way to protect the server, and maybe the way to go would be to allow players to access the server only after the IP is added to the "Allowed IP List" ?

1. When you register - your IP is automatically added to the allowed list. Plus a section on the webpanel to add the IP.

2. Ability to add IP when launching the game, for example, you run the game launcher window opens with the HTML code embedded(as most of the launcher work right now), there would be captha - you enter correct "string" and it would add the IP to the allowed list.

3. Add IP "on launcher open" - it would send a string or a packet to the server with the existing IP.

Just few ideas for someone that is look to develop something for the community.

GL! :)

I may be wrong, but I thinking that giving a launcher such acces to the server would only make it more vulnerable if not done properly.
I tend to think that some people think they're ddosed even when they're not. In 2 years I've only once been attacked like this. Most of the times they try crappy udp floods after they make some stupid google search. My advice, as a low-budget option, first try to secure the server against all other attacks out there before thinking of this; not all kids on mu can actually make any ddos. You can start by simply changing your ports and allowing only tcp traffic on those 3 ones through some router, and you instantly got rid of some annoying "kids". Also I find it really affordable and efficient to use some separate webserver. Just host something for around 10$ per month for website.
Anyway, I'm not an expert on this stuff, but this is what I find easier to do if you only host a server for fun and friends, not to make real money.

[KrYsSu]

Hmmm is verry hard to have a strong server. I think the best security is Linux and csf firewall. but i don`t know more about security !

If trying to see :) nasa down or pentagon by Romanian Tinkode.

If you find a good hacker :) no security help you for attack. The solution for this is limited.

So far USA thx Romania for BitDefender becuase have a a lot of ideia for new security i know now romania make for nasa new security.

I will whait for new solution about this kid :D

[KraMer]

damn you all thats what i think

hardware firewall with proper setup is more than enough to fend away your friendly neighborhood scriptkiddie ddosing your servers, thats how zypher does it, thats how sunshine did it, thats how alliance did it, heck thats how all major wow and deka servers do it.

limit connections/ip rate to 10 and if overpassed all connections from said ip time out

dont use default ports, always remember to change default passwords(also proper schedule to change all your passwords helps), dont use free mucore/muweb crap, because they are full of exploits(and if you do then you better check login and admin panel vulnerabilities).

i could go on...but anyone who has set up a server should already know most of this, so imho it should be enought to sum it up to: dont be lazy, if you have worked your ass off to make proper set-up for your server you shouldnt be lazing off because its pain in the ass to check php vulnerabilities on your webby.