No, I think you don’t get it, he’s somehow making SERVER Lag, even ‘Slow game’ appears, the game isn’t laggy at all (AT ALL) we got chunk loading system,disconnection on events, breaking loops.
But when he comes, he lags a lot the game no clue how.
EDIT: he’s ‘DDOSING’ (no clue what’s that)
Add some debugging info to any events that have a high performance impact - loading chunks for example; if they’re doing that at a sufficiently high rate that could slow the game to a halt.
Next time you have this issue, you can try and spot patterns and see how the attackers is exploiting your game, and then either remove that avenue of attack or write a script to detect these attack patterns and ban the account.
First off, it’s not an edit if you make a new reply! Second off, a DoS attack is a denial of service attack. Effectively they are overloading your game with some sort of action in a way that the game cannot keep up with. Tom Scott’s Computerphile video " The Attack That Could Disrupt The Whole Internet" explains this.
7 Likes
Than I guess there’s no way to detect DoS attack?
That’s definitely not what I said - if there was no way to detect a DoS attack the internet would not have survived this long. The theoretical chunk loading spam I described is a form of DoS attack, so my original advice still stands.
He still can do it with the chunk loading, ok so, for example, the way of lagging could be maybe, if I got a Car Spawner, if he spams it up, it might cause lag? ( I mean obviously it will, but do you think he’s doing something similar to that?)
Maybe once you find a server that got hacked, you could kick all of the players in that server and then use the console to try to find what is wrong. Maybe use workspace:GetDecentants? Also, (in studio) you might want to add a debounce where the remote event can only be fired once every half second or something, if it’s the remote event that’s being comprimised.
Yeah exactly, that would count as a DoS attack. As @GodpraiserNOW suggested, a debounce would be useful if you want to limit the rate of a single action, however I wouldn’t recommend kicking all the players in a compromised server - again, that feels like a band-aid on a bullet wound.
If there was a way to ip ban, it will be a horrable idea.
I would not have random people picking up my ip.
No I believe it’s against guidelines to have a way to poison ban someone.
That would be unnecessary, if the server gets hacked it’s probably because you haven’t secured remotes, not because of Roblox.
1 Like
Um, I searched up the username and I don’t see anything wrong with him, but the account age.
The remote signals alone are not the cause of your lag. I have a Pistol that replicates the look direction, so others can see the shooter aiming with the muzzle pointed at the direction they’re firing. Originally I did not unbind the replicator upon unequip, and so if you spam equipped you’d get like a hundred of these 10HZ replicators going off to the server. What would happen? Roblox would increase your ping until it became so high, like 36000 that you’d disconnect. Like an inflammation response, the server just distanced itself from the erratic client until it wasn’t even in contact with it.
Since with FE no local client processes can effect other clients, it’s the server behavior your hacker is requesting that is a problem. For instance, chunk loading, or anything else of that magnitude a client can request of the server with no delay can be taken advantage of. And far before replication inflammation takes effect! This is probably what he’s doing, just add a cool down. Avoid throwing out an autoban; a backed up pile of requests from a laggy client with a stuttered connection could look the same to the server as a malicious spamming.
You were previously able to trace ban by setting a property of a client, which would then replicate across clients by doing UserSettings():GetService'UserGameSettings'.RCCProfilerRecordFrameRate = n and then checking if it was said number everytime they joined.
This was patched because Roblox does not allow you to do this; you should focus on fixing bugs in the game instead of banning people that abuse them - the latter would just annoy people until stopped or fixed.
2 Likes
If you want to frustrate him, make it so that only players who are a week old can play your game.
There’s a lot of account dumps (I found one with 5,000+ 2 year old accounts just now) made specifically so exploiters don’t have to worry about this.
It still helps. It definitely would be a good solution against our current monster named captcha.
I’m unsure how captcha has anything to do with this?
It doesn’t, I was just saying that account age is generally a good fix-all.