Got an itching for dabbling in multiplayer

Questions about the LÖVE API, installing LÖVE and other support related questions go here.
Forum rules
Before you make a thread asking for help, read this.
Post Reply
User avatar
Bobble68
Party member
Posts: 156
Joined: Wed Nov 30, 2022 9:16 pm
Contact:

Got an itching for dabbling in multiplayer

Post by Bobble68 »

Anything I should know about the dark art so I don't get myself hacked or something?
Dragon
User avatar
GVovkiv
Party member
Posts: 668
Joined: Fri Jan 15, 2021 7:29 am

Re: Got an itching for dabbling in multiplayer

Post by GVovkiv »

If by "hacked" you mean "prevent cheating in my game" then i think there some advices that you might take into account:
(at least in client-server model)
1. Never trust data that comes from clients to server.
It's good idea to always sanitise data that comes from clients on server side (even if your game has client side data sanitisation, you can never trust, if client REALLY sanitised it, since with cheats you can bypass it on your client and nobody will stop you), so you will be 100% sure, that data was sanitised

2. Don't allow clients directly manipulate variables.
What i mean by this: let's say, server contain x and y for every players as their position. You could allow clients to process movement on their side and then send it back to server. It opens client to be able manipulate position with cheats.
What you might want to do instead, is: client only sends inputs (i press A, so i want to move left), server sanitize it, process movement on it's side and only then sent x and y data to client.
And same should be done with most of game data, like hp, position, etc.
Clients should be able to request something and only server should decide, it it's possible.

3. Game should have ban/kicking system, so you always should be able to kick/ban malicious players. Even today, some games doesn't have such system, so if cheater connects, all you can do is stop/restart server.

4. There should be option in game that prevent getting non-gameplay data from other clients. Such data as:
text chat, voice chat, sprays, etc. It's not directly about cheating, but rather exploits, legal issues, medical.
If your game has text chat, there 100% will be that one guy, who will spam slurs in it. So you should add option to disable chat entirely and/or text chat from specific player.
If you have voice chat, same principle there.
And staff like sprays or custom data also might be dangerous. In Source games, you can make sprays. Insert some image, spray it in in-game world and other players will see it. So, as you can guess, people will be able to place there stuff like porn, violence, etc, which people might not be okay with. So, yet again, you should be able to entirely disable them.
There also exploit related problems with it. In same Source engine, people found out way to put scripts and executables in this images. So you was able to put virus in it, spray in-game and every player on server would get this virus (unless they disable sprays themself).
And if image, that you could send can be animated, there 100% will be someone who put epileptic shit in it. So don't forget about this.
Post Reply

Who is online

Users browsing this forum: No registered users and 49 guests