Repeated DDOS Attacks Targeting Experience

Our experience, Pinewood Computer Core, has been the target of repeated attacks, three nights in a row so far, at around this time (8 PM EST).

As far as we’re aware we are using UDMUX servers which should theoretically protect from this to a degree.

The user jumps from server to server and it instantaneously crashes. We’ve not found any useful information from F9, such as unusual script data that could point to any culprit at the moment of it happening, but have included some client logs.

Some people experience the crash differently, some see the server “freeze”, and others get a lost connection error.

Is there anything we can do to prevent this at this point?

We’re going to include client logs we recorded, for the Roblox team to view, which are from the moment of two servers crashing.

Thank you.

A private message is associated with this bug report

13 Likes

If it’s instantly crashing then it could possibly not be a DDOS attack but instead something like a backdoor or something an exploiter can abuse to cause large amounts of lag

1 Like

We’ve already been checking remotes and have rate limits and protections in place, we’ve not found anything so far.

1 Like

Have you tried using the new error report data?

There are combinations of certain UGC packages that can crash servers as soon as the user joins. There was a Flamingo video on this.

I’m not aware of any specific combinations, but I assume it’s some weird layering issue that causes Roblox to flip out when trying to render it.

I don’t think there’s much developers can do against this, but if the attacks are more frequent you could implement a script to immediately remove layered clothing from characters as they load. Not sure if Roblox will render the characters before you have a chance to clear the UGC, but it’s worth a shot.

1 Like

Good point! I forgot all about this for a moment.

My solution is just to use R6. But he’s going to yell at me. So maybe disable layered clothing until this is fixed?

(edit): Perhaps hide their character behind a loading screen, that will not show for anybody else? This will crash them before it crashes anybody else.

2 Likes

The ideas are appreciated. We can confirm layered clothing is not the issue after some observation, the crasher joins on alternate accounts with no custom items at all owned, standard avatar. The server instantaneously crashes, no clues as to why such as holding a specific item, pressing a specific button, no slow down prior to the crash or sudden increased script resources shown in the profiler, just an instant end of the server symptomatic of a DDOS attack. We’ve included some details in the private message.

As a moderator for this game I can confirm that these attacks are still ongoing, and when the user joins and spams "[THIS SERVER IS UNDER ATTACK]" the server proceeds to go down. We fully believe this is a DDOS attack and not a vulnerability in the game itself.

If you’ve already tried disabling R6, Rthro, and making sure it’s not backdoors or lag, it’d be a Roblox issue, for which you’d have to contact Roblox themselves. I’d assume you would have already done this, but if you haven’t, this is a good thing to do.

Hi @Tokaisho,

Our team has conducted analysis on your experience and did not find any user activity (DDoS attack) to the server that caused heavy processing time that would trigger latency on the network thread. However, our team did detect a handful of events that showed backlog on the replicator queues. It’s possible that some other heavy computation on your experience (async jobs, server scripts, physics parallel threads, etc.) is the cause of the issue you’re experiencing.

Regards,

SrWildernessXplorer

7 Likes

Thank you @SrWildernessXplorer,

This is valuable information as it at the very least rules out our initial thoughts. We’re going to experiment with new rate limits in key areas and report back if we see any changes to the attacks. Thank you for the response, we really appreciate the help in investigating this.

1 Like
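Added example, not code from any poster in this thread or from Roblox: one way to put a per-player rate limit in front of a RemoteEvent handler, as discussed above, while logging each flood with a timestamp so it can be compared against crash times. The budget values, the `guard` helper and the remote name `ExampleRemote` are assumptions for illustration.

```lua
-- Added example: server-side token bucket per player for RemoteEvents.
-- RATE, BURST, LOG_EVERY, guard() and "ExampleRemote" are hypothetical.
local Players = game:GetService("Players")
local ReplicatedStorage = game:GetService("ReplicatedStorage")

local RATE = 10      -- tokens refilled per second (assumed budget)
local BURST = 20     -- bucket capacity (assumed)
local LOG_EVERY = 50 -- log the 1st, 51st, 101st... dropped call

local buckets = {}   -- [UserId] = { tokens, last, dropped }

local function allow(player)
	local now = os.clock()
	local b = buckets[player.UserId]
	if not b then
		b = { tokens = BURST, last = now, dropped = 0 }
		buckets[player.UserId] = b
	end
	-- Refill in proportion to elapsed time, capped at the burst size.
	b.tokens = math.min(BURST, b.tokens + (now - b.last) * RATE)
	b.last = now
	if b.tokens >= 1 then
		b.tokens -= 1
		return true
	end
	b.dropped += 1
	if b.dropped % LOG_EVERY == 1 then
		-- Wall-clock timestamp so the entry can be lined up with a crash.
		warn(string.format("[ratelimit] %s userId=%d dropped=%d t=%d",
			player.Name, player.UserId, b.dropped, os.time()))
	end
	return false
end

Players.PlayerRemoving:Connect(function(player)
	buckets[player.UserId] = nil -- do not keep state for departed players
end)

-- Wrap a remote so over-budget calls are dropped before any work runs.
local function guard(remote, handler)
	return remote.OnServerEvent:Connect(function(player, ...)
		if allow(player) then
			handler(player, ...)
		end
	end)
end

guard(ReplicatedStorage:WaitForChild("ExampleRemote"), function(player, text)
	if typeof(text) ~= "string" or #text > 200 then return end -- validate input
	print(player.Name, "sent", text)
end)
```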
