<div>
You might look at a front end proxy service. Besides mitigating DOS attacks, this can improve responsiveness of your website, particularly for non local users. &nbsp;I have had a good run with Cloudflare. <br />
<br />
<a href="https://www.cloudflare.com/" rel="ugc">https://www.cloudflare.com/</a>
</div>


<div>
You'll build in these design elements.<br />
<br />
1) Each game must authenticate to the game server to get an authorization token to validate they can play.<br />
<br />
2) The connection between each game client + game server will run over a TLS encrypted connection.<br />
<br />
3) Likely you won't be able to use CloudFlare, because you'll be running on some other port besides 443 + running some game optimized protocol, rather than HTTPS. This means you'll likely build your own caching system into your game server.<br />
<br />
4) In conjunction with your authentication in #1, likely best to have an iptables ipset hash of all IPs which have authenticated. Then only allow traffic to your game server from authenticated IPs. This means the default is all IPs begin as 100% blocked (all ports + protocols), then as authentication occurs, the authenticated IP is added to the ipset which is allowed game server access.<br />
<br />
#4 handles the case of someone doing a DDOS attack against your specific game server active port(s), as the default will be to block all IPs initially.
</div>


<div>
Can't miscreants sniff out my secret-server-notification<wbr />-of-client<wbr /> IP's-system, and blow me out anyway?<br />
How do agar.io and slither.io do it? Exactly as above? Don't overwhelming packet floods to a new-game port make game notifications impossible?<br />
<br />
Thanks
</div>


<div>
Is it really that simple, just to shut out certain IP's not on the list? Doesn't the flood overwhelm the system?<br />
<br />
Thanks
</div>


Self Employed

James Hancock

<div>
Suggestion: Might be good for you to hire a variety of consultants for short conversations about how to design...<br />
<br />
1) Security.<br />
<br />
2) User authentication.<br />
<br />
3) Server scalability.<br />
<br />
4) Game ecosystem, for example, if all people will be playing through one game terrain (World of Warcraft) or be playing in small groups (Fortnight). This is a crucial game server design element.<br />
<br />
Best to work out details about all these areas prior to designing any of your game code.
</div>


<div>
Thanks<br />
<br />
That is a great suggestion, to seek help. Don't allow any opportunities for unfixable things later. Especially if I can find a javascript super-guru!<br />
Are u thinking freelancer.com? What, - should I do a whole-job price, or hourly? minimum wage!?
</div>


<div>
If my game is turn based, *like* checkers, or chess, does the non-real-time aspect simplify anything here?<br />
<br />
Thanks
</div>


<div>
We're getting into another question here, so likely best to open a new question, as others may have good input.<br />
<br />
I tell my clients to avoid the normal places for hiring people.<br />
<br />
Instead, look for people who speak about a related topic at Meetup groups or conferences or contribute on GitHub (either running projects or fixing bugs).<br />
<br />
These people tend to have far more expertise, than people working through job sites.<br />
<br />
They may also be more expensive... although... they might be cheaper too...
</div>


<div>
<div class="content wysiwyg-content">
Hi<br />
If I make my game server in Java, with TCP/IP HELO, START and in-game messages, game runs in browser, javascript to my server,<br />
what can I expect as the worst from the unavoidable hackers and miscreants? Floods..<br />
DSS attacks. Are they detectable? Stoppable? Google suggested they are stoppable. I will be using a Godaddy professional private server.<br />
Floods will be a certainty if my game escalates. It would &nbsp;suck, because there will be prizes in contention.<br />
Do Blizzard and Microsoft weed these out? Is this how the old disconnect-hacks worked?<br />
<br />
Thanks
</div>
</div>


Hi
If I make my game server in Java, with TCP/IP HELO, START and in-game messages, game runs in browser, javascript to my server,
what can I expect as the worst from the unavoidable hackers and miscreants? Floods..
DSS attacks. Are they detectable? Stoppable? Google suggested they are stoppable. I will be using a Godaddy professional private server.
Floods will be a certainty if my game escalates. It would  suck, because there will be prizes in contention.
Do Blizzard and Microsoft weed these out? Is this how the old disconnect-hacks worked?

Thanks

How do I stop hackers from flooding out my in-game-server?

Instant messaging (IM) is a type of online chat that offers real-time text transmission over the Internet. A LAN messenger operates in a similar way over a local area network. More advanced instant messaging can add file transfer, clickable hyperlinks, Voice over IP, or video chat. Non-IM types of chat include multicast transmission, usually referred to as "chat rooms". Depending on the IM protocol, the technical architecture can be peer-to-peer (direct point-to-point transmission) or client-server (a central server retransmits messages from the sender to the communication device).

Chat / IM

Game programming is the software development of video games. Game programming requires substantial skill in software engineering as well as specialization in simulation, computer graphics, artificial intelligence, physics, audio programming, and input. Like other software, game development programs are generated from source code to the actual program by a compiler. Source code can be developed with almost any text editor, but most professional game programmers use a full integrated development environment (IDE).

Game Programming

Java is a platform-independent, object-oriented programming language and run-time environment, designed to have as few implementation dependencies as possible such that developers can write one set of code across all platforms using libraries. Most devices will not run Java natively, and require a run-time component to be installed in order to execute a Java program.

Java

Transmission Control Protocol/Internet Protocol (TCP/IP) is the set of networking protocols that define end-to-end connectivity specifying how data should be packeted, addressed, transmitted, routed and received at the destination. This functionality is organized into four abstraction layers which are used to sort all related protocols according to the scope of networking involved.