PlusEmu and DDoS HELP

[ShalawHibblo]

What happens to PlusEmu receiving zombies connections? I say this because I have proxcy http and tcp and have never lay my site and the client , but now the new way is to inject zombies connections to the emulator , so much so that sometimes get to 3400 online . And there are real connections and are thwarting my hotel , and when they reach those connections not allow anyone to connect, the client stays at 76%



What should I do? that this problem is due , if all are in and starts the attack, nobody falls or is disconnected, the website never falls only thing that happens is that nobody can enter again because the client does not exceed 76%

You not see that happening ? look at the time of the connections are followed 100 connections per second . And I have put only 100 connections per IP so you can see the problem , but I've tried "game.tcp.conperip=2147483"

How can i fix that?

 

[MayoMayn]

@Sentinel you could provide the example of loading info using ajax and then he could add bitninja to that = problem solved!

Here's an example:

public function checkXMLHttpRequest() {
        if(empty($_SERVER['HTTP_X_REQUESTED_WITH']) ||
        strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) != "xmlhttprequest") {
           die(http_response_code(403));
        }
   }
if(isset($_GET['ajax']) && $_GET['ajax'] == "callback") {
    $core->checkXMLHttpRequest();
   if(!isset($_POST['ajax']) || $_POST['ajax'] != "data")
       die(http_response_code(403));
   echo '{"HOST": "'.$config->hotel('server_ip').'", "PORT": "'.$config->hotel('bind_tcp_port').'", "SWF": "'.$config->hotel('swf_folder').'"}';
   exit();
}

client.php

var BaseUrl="{hotelurl}/swfs/gordon/"+SWF;
var flashvars={"connection.info.host":FUCK,"connection.info.port":OFF};

Then in your swfobject javascript file, add this:

var g=null;
$.ajax({
url:"/ajax/game/callback",
data:"ajax=data",
dataType:"json",
method:"POST",
async:false,
success:function(c){
g=c;}
});
var FUCK=g.HOST;
var OFF=g.PORT;
var SWF=g.SWF;

It's not 100% safe, because you can still use console.log like I mentioned above, or make an external ajax request on another server to receive the IP, but like 0 thinks about that.

 

[ShalawHibblo]

I found the problem!

 

[MayoMayn]

I found the problem!

Care to elaborate for others to enjoy, if the same problem occurs to them?

Sent from my SM-G928F using Tapatalk

 

[Zaka]

I found the problem!

Please provide this thread with your solution for other users to find, I've seen multiple users have the same issue.

 

[percocet]

Please provide a solution so future users (like myself) can see.