RTS servers - why does Blizzard go client side, if it's hackable ?


Everybody knows I m making a Java RTS ;)
It is going okay. Except for keeping the game-state on the server.
Now I know why Blizzard puts the in-game-state on a client. It's the simple way. - You don't need to have a million machines available to handle servers for the number of global games. It's how my first RTS worked and it was relatively uncomplicated. I assume a server cant share a machine with another server? even if they have a working system not to clash ports?
It's impossible to have enough global computers to host all of the games that are played simultaneously. - Blizzard's decision to go client side.
Are there any RTS's out there that have an un-hackable client, that can host all the servers needed globally? How?
Why does Blizzard still go client side? All their RTS's are hacked insanely. Are my problems their problems?
Say my game spawns 1000 games, where do their servers exist?
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Gary PattersonVP Technology / Senior Consultant Commented:
From a computer security point of view, there is no such thing as an "unhackable client".  If you give unknown users access to your client program and to the data stream between client and server, and the ability to install it on insecure hardware in an insecure operating system on an insecure network, some users are going to develop exploits.  It happens in any kind of widely-used system - not just games.

Blizzard elects to delegate a lot of processing to the client for performance reasons and cost reasons, and yes, if you are successful, you'll probably have the same basic problems.

"Say my game spawns 1000 games, where do their servers exist?"

Not sure what you mean.   You have three basic architecture choices:

1) Single player architecture- no server, only a client.

2) Peer-to-peer multiplayer architecture.  No central servers.  One peer functions as server, or peers playing together share server responsibilities.

3) Server-based architecture.  Somebody - usually the game developer - provides servers.  That would be you. :-)   So you would build or rent a server farm, or pay someone to do it for you.
beavoidAuthor Commented:
I am maintaining the game-state on the server, in Java, so each client is only sent valid vision, - there is nothing to hack. That is what I mean by un-hackable. I need a venue that can run my Java server's code.
Do you know if any games out there do this? because I cant think of a way to spring up the server safely, especially if I have 1000's of global games. A client side server would be hacked silly, so I cant think of a place to house them safely. Would a server farm's server be practically the same speed as if it was on another machine in my office? slower? I know they cost a fortune. Are there second tier servers for modest projects like my Java RTS server? - That perform as well? How about these Java servers here?  
If you want a lot of cheap servers, usually the place to put them these days is either Amazon's cloud http://aws.amazon.com/ or Google's cloud https://cloud.google.com/.

Both will rent you servers by the hour and provide tools to automatically scale up the number of servers you're using as the load rises.

Generally you run many games on a single server (assuming your code is efficiently written).  We run a non-RTS game that supports 2,000 players per server instance using pretty small servers.  Your mileage may vary.

To my knowledge Blizzard's games all use Battle.net and store their key game state server side.  That doesn't prevent all hacks - but it removes the worst offenders.  E.g. you can't hack the game to simply declare yourself the winner instantly on start, which for a pure client side game is GUARANTEED to be possible.

There are still lots of hacks that people engage in that give them advantages.  E.g. In an RTS game having a single button I can press that 'selects my home base, builds the main melee unit, then reselects my army and moves the focus back to the army' gives me a huge advantage.  It's those sorts of hacks that folks like Blizzard still need to defend against and preventing that level of hack is very hard - because the client is only doing things that the client is allowed to do.  It's just doing them faster than humanly possible.  So then you get into analyzing the traffic from the client and looking at how quickly and how repetitively a player acts etc.

So to make your game professional grade still requires a lot of work if you keep the game state server side.  But if you don't store your game state server side you have zero change of building a pro grade game - if it's any good it'll be hacked early and ruined.


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
David Johnson, CD, MVPOwnerCommented:
what you need is a cloud provider to load balance your game server(s) with the ability to scale up or down as needed, and a database on the backend (again clustered) for the game state.
beavoidAuthor Commented:
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Game Programming

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.