Quote:
Originally Posted by DKUNitex
1) Use Cloudflare for website.
2) Always put website/webserver/update server on a separate server or virtual machine from game server files + DB
3) Use a host that has DDoS protection
4) Firewall block UDP from host and only open login + server ports on host firewall (not just Windows Firewall)
5) disable database SA account, only allow connections to DB from server with server apps
6) Make a DB account just for login and make that account only have permissions for login related tables
7) Add a captcha on the login page and make sure it's not vulnerable to SQL injection
8) Don't use the same password anywhere.
9) Set up a database backup job that runs on a schedule and also backs up to an external server
That's all I can think of off the top of my head for now. You can use Google or ChatGPT to learn how to do these things.
|
Thank you for taking the time to answer me, I will follow these tips to the letter, thank you very much!!!! <3
Quote:
Originally Posted by guesswho-.-
What do you define as protection? There is a lot of different things you could (should?) protect:
1. Game client
- CSV files (against modification)
- CSV files (against file theft)
- Process memory (against cheat engine-like hacks)
- Dekaron.exe integrity (against static code modifications)
- Shield hack detection
2. Game server protection
- Blocking a foreign client
- Blocking packet exploitation (server crashes, quest hack, GM shop access, dungeon exploits etc.. )
- Player authentication (HWID stuff for example)
- Proper anti-dual-login
- Anti dupe & dupe detection
3. Infrastructure protection
- Anti-DDoS
- Server misconfiguration
- Hiding dedicated server's IP address
I didn't list everything because the list would have been way longer. But this is a place to start.
good luck
|
Thank you for taking the time to answer me, I will follow these tips to the letter, thank you very much!!!! <3