Doctacosa

Well, this wasn't what I planned to write about this month, but an incident that took place earlier today is worth a mention.

Some players noticed this morning that the forums and website were unusually slow, or outright unresponsive. I assumed at first that this was a random issue that would resolve itself (Internet issues, perhaps?), but after contacting my web host, it turned out that the website was undergoing a Distributed Denial of Service (DDoS) attack!

Someone was using several connections to try to load forum pages, while adding a database query payload in the URLs. The goal of that might have been to try and find a security flaw to exploit, but the sheer amount of page requests being done completely overloaded the website's capacity to answer. In the roughly 4 hours that this lasted, the server recorded 367,570 page loads. As you can imagine, that goes way beyond the usual amount of traffic! The solution turned out to be as simple as pulling the forums temporarily offline: with no vector of attack available, the DDoS hit automatically stopped after a while.

Unfortunately, things like these will happen once in a while when dealing with online communities and it can be especially common in gaming circles. While it's difficult to say who caused this one, it could have been a previous player that was banned, or someone who didn't like the answers we gave them. The game servers get hit once in a while too, but the datacentre where those reside has a built-in protection against these type of attacks, so whoever is online at the time won't even notice that something is going on. I get notified so I can keep track of the situation as needed.

There's no perfect way to prevent this, as angry people might go to any length to try to act out of revenge. On this specific case, the forums could be migrated to our dedicated server; they would then be covered by the datacentre's protective shield. Beyond that, every situation has to be dealt with on its own!

#gamedev #projects

– Doctacosa