Jump to content

Leaderboard

Popular Content

Showing content with the highest reputation on 11/07/22 in all areas

  1. With the rise of specialised anti-DDoS solutions, it is possible to make your MTA server almost immune to DDoS attacks, should you know how to isolate your other services & ports properly so that the specialised DDoS protection can absorb everything. For example, the market-leading soyoustart and OVH GAME anti-DDoS provides 100% protection with MTA natively supported through their protection layer (if you enable it for your specific MTA server UDP ports in their Hosting Control panel).. so that you can't be DDoSed if the following circumstances are met: * There is no attack method that your hoster, e.g OVH still needs to patch (they surface every now and then, it's a cat and mouse game) * You managed to isolate other services and ports, this requires a serious extent of skill and understanding of networking (like being a sysop or having studied for it) As part of 1 of the isolation steps, securing your HTTP resource download interface can be important. This guide is for that particular thing. If you use the internal HTTP server in MTA server, you aren't protected at all (except for maybe your hoster's general traffic firewall).. if an attacker can't deal serious damage through sending DDoS to your UDP ports, they will usually carry out TCP attacks next. More details on isolating other services & ports may follow in the future in Reserved posts to this topic. Let's get to the point: Basic tutorial for setting up Cloudflare for HTTP server in MTA 1. Add your domain to CloudFlare, using it as your DNS provider. It will tell you what nameservers to assign to your domain 2. Under the DNS tab create an A record for either your subdomain or the domain itself that should point to your Nginx. In here add the IP address to the Nginx server. (NOTE: You should use the standard HTTP port in your Nginx config and use that subdomain as your server_name). Make sure to tick the proxy status to on so that the request is proxied 3. In your mtaserver.conf set httpdownloadurl to whichever (sub)domain you assigned for the downloads You can then further modify your CloudFlare settings to have https, a firewall setup etc. But that's a lot more specific than what you may go with initially. Under "caching", then "configuration" you can setup how the caching itself should work Extra info (to help you understand the logic of this infrastructure): - For using CloudFlare in this way, you need just a domain, no webhost (other than the nginx External HTTP server itself). You need to be able to point the nameservers to Cloudflare. You will have to modify the DNS records at Cloudflare, and point it to your nginx External HTTP server. Since you can't just upload that data to Cloudflare and have them handle it that way The subdomain is essentially just used for Cloudflare to proxy request through, when it has that data cached it will serve it itself If not it will go further to your Nginx server to fetch it, then caches it - It is recommended to use a separate machine (VPS/dedicated server) to host your External HTTP, which Cloudflare is connected to on its time. Why? Because it helps you to isolate from DDoS attacks.. for reasons like these: * keeping your real host IP hidden is crucial to benefit from the added protection of Cloudflare. If you use a host on the same machine as your MTA Server is, it's easy to leak the IP, rendering your CloudFlare useless should they attack it directly rather than where it gets served from (Cloudflare hosts). * if an attack hits your HTTP server after all, load won't get forwarded to your main MTA server machine and immediately freeze its CPU with 100% usage/disconnect all players
    1 point
  2. It means you have used a spoofer in the past. Perhaps to evade a ban for another game in the past. If you undo those changes, you should be good to go. Alternatively, reinstall your operating system.
    0 points
  3. The reason one of the copies don't work is because you check if the click event's source is the element in the table buttons and override the values in that table when creating a duplicate copy. If you want both windows to work properly, you should avoid the if source == [some element] then and instead add a false argument after the handler function in addEventHandler. For example addEventHandler("onDgsMouseClick", buttons[11], function() triggerServerEvent("vehlib:deleteVehicle", localPlayer, id) closeConfirmDelete() playSuccess() end, false) That false means the function should not be called for any element other than the element the event is bound to, button[11] at the time the handler was attached; the binding does not change if you later change what buttons[11] references.
    0 points
×
×
  • Create New...