For a project I am working on we want to implement a ban system to prevent hackers and cheaters from playing the game. Currently, to ban a player I set a flag in the player’s data table to indicate whether or not the player is allowed to join a server. I want to be able to set this flag even if I am not in the cheater’s server or when the cheater is offline. I also want to make sure the risk of data loss is minimal. I have come up with an idea on how to tackle this problem, but I want to get some more opinions to ensure my methodology is safe.
My idea describes 3 scenarios:
- The cheater is online in a server I am also in.
- The cheater is online in a server that is full, so I can only join other servers.
- The cheater is not playing the game.
For the first scenario I would be able to directly edit the flag as the cheater’s data is loaded. Then I can kick the cheater. For the second scenario I would use MessagingService to notify other servers that I want to set the ‘banned’ flag in the cheater’s save data. Then, each server would check if the cheater is online in that server and if so, edit the flag for me and kick the player. For the third scenario I would have to load the cheater’s data in the server I am in, change the flag, and then save the data again.
Combining these steps gets a little tricky though, because if scenario 1 is not true, then I would have to assume that both scenarios 2 and 3 are true because I do not think there is a good way to check if either scenario is true. So my final algorithm is as follows:
- Check if the player is online in my server. If so, edit the player’s data and kick the player.
- If 1. is not true, load the player’s data from the DataStore, set the ‘banned’ flag, and save the data again.
- Use MessagingService to notify all other services.
- In each notified server, check if the player is online and if so, set the ‘banned’ flag in the player’s data.
For scenario 1 and 3 this algorithm should be safe and not cause any data loss. However, for scenario 2 there might be some issues. What happens when the player leaves right after I have loaded their data in my server, but before I save the flag change? I assume this would become the latest version that is stored and thus overwrite a couple minutes of data of the cheater. Could there also be a scenario where this wipes confirmation of any purchases that the cheater might have made right as I ban them?
If anyone knows if my current idea is safe or if there is a better approach, please let me know!