PROJECT CREATOR

  • The FTB Forum is now read-only, and is here as an archive. To participate in our community discussions, please join our Discord! https://ftb.team/discord
Senseidragon

Senseidragon

Well-Known Member
May 26, 2013
703
319
88
A primitive and simplistic example of a host offering protection might go something like this:

They have a fat (gigabit) connection to the Internet, not some residential "spare server sitting on my desk" setup.
You have an account with them, they give you a DNS address (myneatserver.com) that points to their routers. They give your specific server an internal IP address, let's assume something like 10.1.1.1
You start getting bombarded at myneatserver.com from someplace in Saskatchewan. The host then changes your internal IP to 10.1.1.2 and diverts traffic originating from Saskatchewan to your DNS somewhere else. For the rest of the Internet, your server is still up. For that angry rage-troll in Saskatchewan, they aren't able to affect you. They are still sending a flood of data, but your host is filtering it out for you.

Still, this isn't something significant to worry about at this point. I just brought it up because it is a point of attack for all applications that require authentication.
 
lenscas

lenscas

Over-Achiever
Jul 31, 2013
2,015
1,801
248
Senseidragon said:
A primitive and simplistic example of a host offering protection might go something like this:

They have a fat (gigabit) connection to the Internet, not some residential "spare server sitting on my desk" setup.
You have an account with them, they give you a DNS address (myneatserver.com) that points to their routers. They give your specific server an internal IP address, let's assume something like 10.1.1.1
You start getting bombarded at myneatserver.com from someplace in Saskatchewan. The host then changes your internal IP to 10.1.1.2 and diverts traffic originating from Saskatchewan to your DNS somewhere else. For the rest of the Internet, your server is still up. For that angry rage-troll in Saskatchewan, they aren't able to affect you. They are still sending a flood of data, but your host is filtering it out for you.

Still, this isn't something significant to worry about at this point. I just brought it up because it is a point of attack for all applications that require authentication.
Click to expand...

That may also work but you then would need to find a host that is willing to do so, this cost money and unless it gets big enough to make enough money for a host like that it may just be easier to do what I suggested.
 
LivingAngryCheese

LivingAngryCheese

Over-Achiever
Aug 22, 2014
676
1,580
228
A place
I think my best solution is to make it so every cosmetic item has a unique complicated code (for example, have a simple code like oneoneone twotwotwo threethreethree etc. turn it into binary, replace the 5th and 7th digit with the 1st and 3rd digit, convert it back to alphanumeric and turn it backwards.)
My website will do this automatically and send the email. The mod recognises the code after it tries to decode it, and gives the user the cosmetic perk. This way, an attack on any of the servers I'm using just stops people from getting new cosmetic items until I get it back up.
 
LivingAngryCheese

LivingAngryCheese

Over-Achiever
Aug 22, 2014
676
1,580
228
A place
LivingAngryCheese said:
I think my best solution is to make it so every cosmetic item has a unique complicated code (for example, have a simple code like oneoneone twotwotwo threethreethree etc. turn it into binary, replace the 5th and 7th digit with the 1st and 3rd digit, convert it back to alphanumeric and turn it backwards.)
My website will do this automatically and send the email. The mod recognises the code after it tries to decode it, and gives the user the cosmetic perk. This way, an attack on any of the servers I'm using just stops people from getting new cosmetic items until I get it back up.
Click to expand...
Id mix the numbers around a bit more than that though:

enoenoen�
 
D

dylanpiera

New Member
Jul 29, 2019
161
0
0
I haven't been keeping track here, But i read on the last page a discussion about how the mod shoud work.

I saw you thinking about codes and stuff. But can't you do it like the buycraft API

Every time a person logs in to a world, A quick check is done if they have any perks
The perks and such can then be disabled by a GUI

And the scan thingy you can turn off in the configs. So i'd suggest also adding a command

Not that far in minecraft modding, But i think you shoud be able to create an event on load world that makes it check an online database, And if the check is sucsesful load up some assets for that person. Or they get a message
"XXX Content Pack Unlocked
Please restart client to get it working!"
And if they loadup their world again, It says something like

"You have assets loaded. Press "I" to go to the assets menu"

Whice will be the gui were you can turn them on/off and see how you get one and what they do (if they do anything)
 
lenscas

lenscas

Over-Achiever
Jul 31, 2013
2,015
1,801
248
dylanpiera said:
I haven't been keeping track here, But i read on the last page a discussion about how the mod shoud work.

I saw you thinking about codes and stuff. But can't you do it like the buycraft API

Every time a person logs in to a world, A quick check is done if they have any perks
The perks and such can then be disabled by a GUI

And the scan thingy you can turn off in the configs. So i'd suggest also adding a command

Not that far in minecraft modding, But i think you shoud be able to create an event on load world that makes it check an online database, And if the check is sucsesful load up some assets for that person. Or they get a message
"XXX Content Pack Unlocked
Please restart client to get it working!"
And if they loadup their world again, It says something like

"You have assets loaded. Press "I" to go to the assets menu"

Whice will be the gui were you can turn them on/off and see how you get one and what they do (if they do anything)
Click to expand...

You would never want to send a sql query. Instead you need to send a request to the server->server handles the database and sends data back->client uses data.
 
  • Like
Reactions: Strikingwolf
D

dylanpiera

New Member
Jul 29, 2019
161
0
0
lenscas said:
You would never want to send a sql query. Instead you need to send a request to the server->server handles the database and sends data back->client uses data.
Click to expand...
What i said im not that far into it

But thats what i said right?

Client sends server to check if person has a perk
Server gives response
Client handles response
 
lenscas

lenscas

Over-Achiever
Jul 31, 2013
2,015
1,801
248
dylanpiera said:
What i said im not that far into it

But thats what i said right?

Client sends server to check if person has a perk
Server gives response
Client handles response
Click to expand...

That is pretty much the only way to do it, so yes you are right.
Only thing that needs to be added is a check for which perks are possible on the client side.
 
  • Like
Reactions: dylanpiera
D

dylanpiera

New Member
Jul 29, 2019
161
0
0
And i've been reading some more

I think users shoud be able to Cache their assets it in a "locked away" file

So they can disable the check and not worry about the extra bit of startup lagg

Unless you were planning on making it a subscribtion then that woudn't work.

But in my opinion i can't see a subscribtion service for this working..
 
lenscas

lenscas

Over-Achiever
Jul 31, 2013
2,015
1,801
248
dylanpiera said:
And i've been reading some more

I think users shoud be able to Cache their assets it in a "locked away" file

So they can disable the check and not worry about the extra bit of startup lagg

Unless you were planning on making it a subscribtion then that woudn't work.

But in my opinion i can't see a subscribtion service for this working..
Click to expand...

A fall back method is in my eyes indeed required, that being said I would like it for individual mods that ad perks to determine if they want to use said fall back method, if they do not use it it should give a warning before buying it.

The reason why I say that is because every locked away file on a users hard drive can be unlocked and altered, and I can already see this leading to people abusing it.
 
  • Like
Reactions: dylanpiera
You must log in or register to reply here.
Top Bottom