Forum BigDB Dealing With Security !

Discussion and help relating to the PlayerIO database solution, BigDB.

Dealing With Security !

Postby [GD]AlaaNasro » September 1st, 2015, 8:17 am

Hey,
So,i just added Achievements system using BigDB works fine and so awesome system cause its fast,so i was wondering how i can make it unreachable,cause a simple hacker can change his Achievements !
Just give me idea,am ready to code it !
[GD]AlaaNasro
 
Posts: 46
Joined: March 10th, 2015, 6:11 pm

Re: Dealing With Security !

Postby Henrik » September 1st, 2015, 5:51 pm

The only way to make it secure is to only make your achievements table writeable from serverside code, and put all the logic and checking for eligibility there.
Henrik
.IO
 
Posts: 1880
Joined: January 4th, 2010, 1:53 pm

Re: Dealing With Security !

Postby [GD]AlaaNasro » September 2nd, 2015, 8:38 am

Ah got dammit,i can't deal with server-side am trying to avoid it !
[GD]AlaaNasro
 
Posts: 46
Joined: March 10th, 2015, 6:11 pm

Re: Dealing With Security !

Postby Guillaume » September 2nd, 2015, 10:04 am

Like everyone say:

"You can not trust the client"
Guillaume
 
Posts: 277
Joined: March 28th, 2014, 1:59 am
Location: France

Re: Dealing With Security !

Postby [GD]AlaaNasro » September 2nd, 2015, 1:57 pm

Am stuck now
[GD]AlaaNasro
 
Posts: 46
Joined: March 10th, 2015, 6:11 pm

Re: Dealing With Security !

Postby Henrik » September 2nd, 2015, 7:15 pm

Anything you allow your client can do, anyone else can create a modified client that does the same things. If your client can write to a BigDB table, anyone can write whatever to that table. If your client can give PayVault items, anyone can give themselves PayVault items.

The only way to secure your game is to lock down the client into basically read-only mode, and only modify BigDB and similar from client-side code, and only do so once you've validated that whatever write you want to do is actually ok.

Remember that you can use service-rooms to just distribute players nicely into a multiplayer room so that you have someplace to send messages and run code, that way you don't have to worry about room management.
Henrik
.IO
 
Posts: 1880
Joined: January 4th, 2010, 1:53 pm

Re: Dealing With Security !

Postby [GD]AlaaNasro » September 3rd, 2015, 7:48 am

Henrik,i know the solution i just don't know much about server-side...
[GD]AlaaNasro
 
Posts: 46
Joined: March 10th, 2015, 6:11 pm


Return to BigDB