RTS servers - why does Blizzard go client side, if it's hackable ?

Posted on 2014-08-05
Last Modified: 2014-08-08

Everybody knows I m making a Java RTS ;)
It is going okay. Except for keeping the game-state on the server.
Now I know why Blizzard puts the in-game-state on a client. It's the simple way. - You don't need to have a million machines available to handle servers for the number of global games. It's how my first RTS worked and it was relatively uncomplicated. I assume a server cant share a machine with another server? even if they have a working system not to clash ports?
It's impossible to have enough global computers to host all of the games that are played simultaneously. - Blizzard's decision to go client side.
Are there any RTS's out there that have an un-hackable client, that can host all the servers needed globally? How?
Why does Blizzard still go client side? All their RTS's are hacked insanely. Are my problems their problems?
Say my game spawns 1000 games, where do their servers exist?
Question by:beavoid
    LVL 34

    Assisted Solution

    by:Gary Patterson
    From a computer security point of view, there is no such thing as an "unhackable client".  If you give unknown users access to your client program and to the data stream between client and server, and the ability to install it on insecure hardware in an insecure operating system on an insecure network, some users are going to develop exploits.  It happens in any kind of widely-used system - not just games.

    Blizzard elects to delegate a lot of processing to the client for performance reasons and cost reasons, and yes, if you are successful, you'll probably have the same basic problems.

    "Say my game spawns 1000 games, where do their servers exist?"

    Not sure what you mean.   You have three basic architecture choices:

    1) Single player architecture- no server, only a client.

    2) Peer-to-peer multiplayer architecture.  No central servers.  One peer functions as server, or peers playing together share server responsibilities.

    3) Server-based architecture.  Somebody - usually the game developer - provides servers.  That would be you. :-)   So you would build or rent a server farm, or pay someone to do it for you.

    Author Comment

    I am maintaining the game-state on the server, in Java, so each client is only sent valid vision, - there is nothing to hack. That is what I mean by un-hackable. I need a venue that can run my Java server's code.
    Do you know if any games out there do this? because I cant think of a way to spring up the server safely, especially if I have 1000's of global games. A client side server would be hacked silly, so I cant think of a place to house them safely. Would a server farm's server be practically the same speed as if it was on another machine in my office? slower? I know they cost a fortune. Are there second tier servers for modest projects like my Java RTS server? - That perform as well? How about these Java servers here?  
    LVL 26

    Accepted Solution

    If you want a lot of cheap servers, usually the place to put them these days is either Amazon's cloud or Google's cloud

    Both will rent you servers by the hour and provide tools to automatically scale up the number of servers you're using as the load rises.

    Generally you run many games on a single server (assuming your code is efficiently written).  We run a non-RTS game that supports 2,000 players per server instance using pretty small servers.  Your mileage may vary.

    To my knowledge Blizzard's games all use and store their key game state server side.  That doesn't prevent all hacks - but it removes the worst offenders.  E.g. you can't hack the game to simply declare yourself the winner instantly on start, which for a pure client side game is GUARANTEED to be possible.

    There are still lots of hacks that people engage in that give them advantages.  E.g. In an RTS game having a single button I can press that 'selects my home base, builds the main melee unit, then reselects my army and moves the focus back to the army' gives me a huge advantage.  It's those sorts of hacks that folks like Blizzard still need to defend against and preventing that level of hack is very hard - because the client is only doing things that the client is allowed to do.  It's just doing them faster than humanly possible.  So then you get into analyzing the traffic from the client and looking at how quickly and how repetitively a player acts etc.

    So to make your game professional grade still requires a lot of work if you keep the game state server side.  But if you don't store your game state server side you have zero change of building a pro grade game - if it's any good it'll be hacked early and ruined.

    LVL 77

    Assisted Solution

    by:David Johnson, CD, MVP
    what you need is a cloud provider to load balance your game server(s) with the ability to scale up or down as needed, and a database on the backend (again clustered) for the game state.

    Author Closing Comment


    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    How your wiki can always stay up-to-date

    Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
    - Increase transparency
    - Onboard new hires faster
    - Access from mobile/offline

    Since upgrading to Office 2013 or higher installing the Smart Indenter addin will fail. This article will explain how to install it so it will work regardless of the Office version installed.
    A short article about problems I had with the new location API and permissions in Marshmallow
    An introduction to basic programming syntax in Java by creating a simple program. Viewers can follow the tutorial as they create their first class in Java. Definitions and explanations about each element are given to help prepare viewers for future …
    In this fourth video of the Xpdf series, we discuss and demonstrate the PDFinfo utility, which retrieves the contents of a PDF's Info Dictionary, as well as some other information, including the page count. We show how to isolate the page count in a…

    760 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    9 Experts available now in Live!

    Get 1:1 Help Now