DISCLAIMER: I am not a scripter in any way, shape or form, please excuse if the language is not correct, or my assumptions are wrong - I am simply a developer trying to create an experience for other players and I am concerned with my game
Recently, my game, City of London, UK - Roblox, has been experiencing heightened amounts of lag that I believe, is not the result of common game latency.
Players are experiencing the following;
Chat not working (chat bubbles do not appear)
Scripts such as teleporters fail to work
Common lag such as reduced frame rate and what looks like higher ping
This had led me to believe that my game is experiencing a DDoS orchestrated by another party. If this is true, I believe the script they are using to grab the server IP and port is (this will put it in Roblox F9 dev console):
local Network = game:GetService("NetworkClient")
Network.ConnectionAccepted:Connect(function(Server, ReplicatorInstance)
_G.Server = Server:gsub("|", ":")
end)
repeat game:GetService("RunService").Heartbeat:Wait() until _G.Server
warn("The server's IP is ".._G.Server)
All they then do is put it into a paid booter service and boom, server hit offline. The only way to remedy this is to find out which accounts are doing it and ban them. Once they have a server IP they can keep lagging/crashing it until you restart to get a new server. However, I have been unable to identify which players are doing it.
I have implemented an age script (<90 days) but to no resolve.
I have extremely high doubts about it being any sort of attack and rather just bad memory management. If you were, for some reason, getting targeted by exploiters to put your game offline, do you not think other people would be talking about it? Bigger games such as adopt me, brookhaven, etc would be unplayable. There are ways players can lag a game with such exploits, such as spam resets, abusing buggy systems, etc, but these are all easy to prevent.
Not necessarily, as they have more servers - any denial of service attacks on one of those games’ servers would have less of an impact overall as there are plenty of other servers that are none the wiser. With smaller games that have fewer active servers, this issue is more noticeable and has more of an impact.
This is not a problem unique to this London game. There are a few users that are going around a bunch of city roleplay games doing exactly this and they make a good target for the DDoSers as they are often low server count and high server capacity so the impact is much larger than a game such as Adopt me.
I have personally experienced this lately and have had to limit the game to certain ranks within the group and make the ranking a manual process so they cannot even press the play button and get the IP.
Greetings. I have been researching this topic a lot, mainly due to groups I work for getting targeted. It appears that ROBLOX also publicly displays the IP and Port of the server through the logs file in your appdata, allowing for people to hit the IP offline, meaning, ROBLOX most likely does not offer much protection for it. This is becoming problematic everywhere. The best things you could do is implement a hub, which A) Prolongs the process for the attackers, and also rank lock the hub/game so it makes it even more difficult for the attacker to go through the process of even entering the game and being able to grab it. Although it might decrease your playercount, I would do this for a few days, as essentially, they most likely get worked up and stop.
Hopefully I have helped you comprehend a bit, although, ROBLOX should really upgrade their security concerning it.
The IP can be grabbed just as easily by experienced network users even if Roblox hides it. Programs such as Wireshark monitor network activity and spit the raknet IP out when connected. This problem would need to be mitigated from the servers themselves by adding some sort of ddos firewall. Creating a hub place will make no difference as the individual just has to get into the server through that hub, a single extra step.
Wow, Roblox talks a big game when it comes to security for the players, if this is true, Roblox will probably end up just like GTA V. (y’know, easily make mod menus to get ips…)
The solution is not so easy. My community has been affected by this for the past few months and the people haven’t seized. If anything of late, it has gotten worse as the group doing the attacks has grown.
You are correct. Hubs are not extra layers of security, they only make the process longer, as I explained previously. Also, I do not think programs like Wireshark work on ROBLOX. I am betting there are other ways to get the IP rather than the logs file and using a few lines of code. Mitigation is possible as well, as you can detect the client ping or FPS drop, and later on mitigate the attack.
There is no ignoring, because some of them do it out of passion, and some do it for ransom. It is hard to tell, usually, when they ask for ransom, you can ignore them, although, if it is out of spite, then their isn’t much you can do. It has been a couple days since this last occurred although, and the community itself seems to be rebuilding itself, which is of course fantastic.
In your particular case, it might be hard to distinguish whether or not this is actually a DDoS attack. Just to be sure, you can try running a private server (a VIP server would work) where only trusted friends have access. Have it active and running for a good while and see how that server runs.
If this private server runs smoothly even with a lot of your friends actively playing the game, then it’s likely an issue caused by an outside source. That could mean a DDoS attack, but it could also just mean a vulnerability somewhere in the game’s code which can be fixed.
If you have a programmer on your team, you can have them run a few tests with the scripts to see what could be causing a vulnerability.
A few people replying think it’s unlikely for your game to experience a DDoS attack due to its popularity. This holds some truth to it, but there’s always the possibility of personal attacks motivated by personal reasons, so I don’t think it’s fair to rule an attack out.
I have witnessed many DDoSed attacks, mainly on my game itself and others I have worked for. It is definitely not due to exploiters or a backdoor. I’ve checked over a thousand times for backdoors or any vulnerabilities. It is most definitely due to DDoS attacks.
