Question

My Java server is currently being DDoSed by thousands of different IPs. To counter it, I've been blocking the IPs through the dedicated server's firewall. However, more and more keep coming. This attack is flooding my login server, causing players to not be able to log in.

I've asked in other places, such as a forum for my type of Java application, and I've gotten barely any answers. However, they told me it's a form of DDoS. Another user also referred me to this, but I don't believe it would work: http://www.java2s.com/Open-Source/Java-Document/Net/mina-2.0.0-M1/org/apache/mina/filter/firewall/ConnectionThrottleFilter.java.htm

So apparently it's a DoS on my login server, anyone have any clues? I'll provide the login server's main framework below.

try {
    shutdownClientHandler = false;
    clientListener = new java.net.ServerSocket(serverlistenerPort, 1, null);
    misc.println("Login server is now online!");
    while (true) {
        try {
            java.net.Socket s = clientListener.accept();
            s.setTcpNoDelay(true);
            // getHostName() may perform a reverse DNS lookup for every connection.
            String connectingHost = s.getInetAddress().getHostName();
            if (true) {
                if (checkLog("flooders", connectingHost)) {
                    //misc.println("Flooder Detected, closing connection.");
                    s.close(); // Closes the connection immediately.
                } else {
                    connections.add(connectingHost);
                    if (checkHost(connectingHost)) {
                        misc.println("Connection from "+connectingHost+":"+s.getPort());
                        try {
                            playerHandler.newPlayerClient(s, connectingHost);
                        } catch (Exception E) {
                            misc.println("Login Server crash detected. Protecting...");
                            s.close();
                        }
                    } else {
                        misc.println("ClientHandler: Rejected "+connectingHost+":"+s.getPort());
                        s.close();
                    }
                }
            } else {
                misc.println("ClientHandler: Rejected "+connectingHost+":"+s.getPort());
                s.close();
            }
            Thread.sleep(30);
        } catch (Exception e) {
            logError(e.getMessage());
        }
    }
} catch (java.io.IOException ioe) {
    if (!shutdownClientHandler) {
        misc.println("World is already online!");
    } else {
        misc.println("ClientHandler was shut down.");
    }
}

Solution

There are a few options to try to deal with a DDoS, but you need to make certain that certain parts are optimized.

For example, your checkLog function needs to be amazingly fast, so you may want to use a hash map so you can check quickly. To ensure everything stays fast, you may want to look at ConcurrentHashMap (http://download.oracle.com/javase/1,5.0/docs/api/java/util/concurrent/ConcurrentHashMap.html), so you can better read and write to it.

You could also look at load-balancing your front-end, so that one server isn't having to do everything.

Depending on what actions need to be done on the server, find a quick way to verify that someone has been authenticated, but this could slow down your server if you don't have special hardware to better handle decryption of a token, for example.

You may also want to look at using NIO (http://tutorials.jenkov.com/java-nio/index.html), to better scale to a large number of connections.
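As an added example (not code from the question or from this answer), here is one way to make the per-connection check a constant-time ConcurrentHashMap lookup: a per-IP fixed-window connection counter. The class name `ConnectionThrottle`, the limit of 3 connections per second and the sample address are assumptions chosen for illustration.

```java
import java.net.InetAddress;
import java.util.concurrent.ConcurrentHashMap;

/** Hypothetical helper: per-IP fixed-window connection throttle. */
public class ConnectionThrottle {
    /** Immutable counter for one source address within one time window. */
    private static final class Window {
        final long start;
        final int count;
        Window(long start, int count) { this.start = start; this.count = count; }
    }

    private final ConcurrentHashMap<String, Window> windows = new ConcurrentHashMap<>();
    private final int maxPerWindow;
    private final long windowMillis;

    public ConnectionThrottle(int maxPerWindow, long windowMillis) {
        this.maxPerWindow = maxPerWindow;
        this.windowMillis = windowMillis;
    }

    /** Returns true if this connection attempt is still within the limit. */
    public boolean allow(InetAddress addr, long now) {
        // getHostAddress() only formats the address; it never triggers a DNS lookup.
        String key = addr.getHostAddress();
        // compute() updates the counter atomically for this key.
        Window w = windows.compute(key, (k, old) ->
                (old == null || now - old.start >= windowMillis)
                        ? new Window(now, 1)                       // start a new window
                        : new Window(old.start, old.count + 1));   // count within the window
        return w.count <= maxPerWindow;
    }

    /** Removes expired windows so the map stays bounded during a flood. */
    public void evictExpired(long now) {
        windows.values().removeIf(w -> now - w.start >= windowMillis);
    }

    public static void main(String[] args) throws Exception {
        ConnectionThrottle throttle = new ConnectionThrottle(3, 1000);
        // Constructed sample address from the TEST-NET-1 documentation range.
        InetAddress a = InetAddress.getByAddress(new byte[] {(byte) 192, 0, 2, 10});
        for (int i = 1; i <= 5; i++) {
            System.out.println("attempt " + i + " allowed=" + throttle.allow(a, i));
        }
        System.out.println("next window allowed=" + throttle.allow(a, 2000));
        throttle.evictExpired(5000);
    }
}
```

In an accept loop this would be called as `allow(s.getInetAddress(), System.currentTimeMillis())`, closing the socket when it returns false, with `evictExpired` run periodically from a timer thread.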

OTHER TIPS

Ideally, you would not want to have the malicious requests hit your application at all but rather intercept/drop the traffic before it reaches your application servers. This way your real clients will not encounter any issues, e.g. with degraded performance, while the attack is under way.

ServerFault may be a good place to ask, if you intend going down that road.

Licensed under: CC-BY-SA with attribution