As a developer I’d like to stop paying users 10-50k for “protection” to stop them from hitting my games offline.
I’d like to start out by saying i’m not to informed on Robloxs back end and how they currently handle this issue or if they have any protection against it at all but at the moment its a huge issue.
This has been an on-going issue for months and I’ve always tended to shy away from posting anything here because I figured its something that a fix is currently in the work for but at this point its starting to cost me money.
Right now users will join my game, and start hitting it offline until I pay them robux to stop, this obviously isnt an issue that effects large scale games but for us down here who are running groups that only average 60-150 players throughout the day this is a issue. We have had 3-4 days in a row in my group of our average player count being sub 20 compared to its normal 70-100 because of a single user who even while banned is able to join on his banned account, and get the server ip even with him being instantly kicked by the ban script.
Please realize this is a major issue for us little guys and something needs to be done.
Uhhh I think your problem is you are submitting to black mail and therefore will always have people threatening you with shutdowns if you don’t give them robux. Better to just ignore them until they go away.
You would be surprised how toxic and committed some of these people can be, and when it comes down to either losing hundreds of thousands of Robux compared to just paying 50k to get it to stop until someone else comes along, one of those choices is obviously better.
Well as long as they can connect to the server they can get its IP and DDoS it. Nothing Roblox can really do honestly. PS4 and Xbox has DDoS issues a few years ago and it took them weeks to fix and stop the people. I doubt they even fixed their servers vulnerability.
I don’t know much about DDoS protection but I just feel like there should be a way to detect a sudden burst of packets/connections or w/e they are doing and mitigate those packets/connections or ignore them as a whole.
DoS is easy to detect. DDoS is more tricky, but definitely still doable, especially in a game, because you can just check if the request is actually someone in the game. That’s perhaps an over simplication though.
Also OP are you sure it’s a DDoS and not something else?
You’d be better off not submitting to the blackmail and instead spending your time on getting their accounts terminated. Dev Rel is super helpful with all issues developer and I’m sure they’d be more than happy to help in any capacity they can. You may also try reaching out to some users who have the certified reporter thing or whatever it’s called.
I am not sure what you mean by this. A user should not have access to a banned account.
I do not know if this would help you at all but this is my idea.
In this scenario you could change the starter place to a select to a main menu screen which only allows one player. This menu could contain something like join friends, normal play and play new server. The idea here is that a player has the ability to change or create a server to avoid the one being attacked.
Fun method you could try: make your main server a 1 player server which only teleports people in the group to the main group rally place. If they can’t join, they can’t take it offline.
)