IP banning

[Sunchaser]

I quickly read some forum posts on the matter and i will read them in details later.
I need to quickly set up a IP banning function (yes, i already have multis that are creating new users even after a ban)

I thought to implement it as follow:

1) create a ip_banned table with ip_address in it. I will insert manually an ip address to ban
2) at every request (kohana has hooks so you can do some actions on every request) if the ip is in the table => destroy the session.

I thought to put the check at login level because the check can be heavy for the server but with this check i can kickout from the game the player at the next request.

Any help/thoughts?

thanks

[codestryke]

We go about it a bit differently just to reduce additional hits to the database. We have an IP ban table but that is only checked during login / account creation. Each player record has an account status field (normal, suspended, banned). When we load the player record we check to see if that status is banned and then redirect them out of the site.

Your way will work just as well it will just cause additional hits to the database to check the IP ban table (I think as I'm not sure what Kohana is).

If they are really being a pain I would ban them via .htaccess which gets rid of them at the web server level, or if your savy with *nix you could block them at the netcard level as well   However please note that if they are already causing trouble and creating multi's an IP ban might not be all that effective as with most ISP's all it takes is to reboot the router to get a new IP address.

[Chris]

We go about it a bit differently just to reduce additional hits to the database. We have an IP ban table but that is only checked during login / account creation.

The same with me.

But I have no separate IP ban table, but "special" table that holds all sort of small things. The entry with typestring="ipban" hold ip bans for example A bit similar to LOTGD structure, but I only use it for small thing and it is never heavily querried.

As for kicking the player out of the game I have 1 boolean value on the main players table, if it is set to 1 it includes additional php file (containg some banning features and anticheat checks, it can be used for selective ban checks). But I think it is a bit overdoing it
But it is rarely used, in normal cases moderators just mute the player to prevent spam and we wait till he logs out so the normal (during login) ban check could catch him.

[JGadrow]

Not to mention, are you certain that the accounts are multiple accounts from the same player? They could be 2 separate players but on a network that records only 1 outbound IP address (such as a school or office network). A game I used to play on years ago (Astro Empires) used to have it in their ToS agreement that you would be banned for having the same IP as another player regardless if you were actually a multi-account or not. However, if both accounts were premium accounts and didn't have any in-game interaction, then they allowed those accounts to be fully playable.

Seriously, though, the best way to prevent multi-accounting is to design the game and/or system so that having multiple accounts confers no benefit to a player.

[Sunchaser]

Basicly i have 3 way to exchange items, all of them traced:

Send: it costs coins and delivers the item(s) after some time, i think it's not worth to send a lot of items.

Market: this is used to exchange money by selling (for example) one item for a big amount. I think i can put a limit on a item price by setting a cap of +/-10% on average price of same item on the market.

Donate item to structures: this could be abused easily if the owner of the structure (castle/royal palace) is multiaccount; no clue how to fix it.

[JGadrow]

There's a few questions that might be of help then:

What is the point of the "donate to structure" feature?
Is the feature heavily used?
Are the majority of users using this feature as intended, or as an exploit for getting around trading?

A good way to help prevent exploit of this kind of feature would be to limit throughput. Instead of allowing a dump of all of their resources, maybe they're only allowed to send up to 10% of their current stock values. Or, 10% of their current resource generation (which may be even smaller than their stockpile).

To top it off, you should place a cool-down on the feature. For instance, if someone can donate 10% of their resources then you've just added a little aggrivation. They just have to click it 10 times now for each account donating resources. However, if you limit it to 10% of their resources and the structure owner can only receive one donation within a 24-hour timeframe, you've now drastically reduced the benefit that can be achieved through this medium.

[Chris]

Seriously, though, the best way to prevent multi-accounting is to design the game and/or system so that having multiple accounts confers no benefit to a player.

I used to think that so. But my believes are starting to get shattered. I have a game with really low incentive for multis (no transfer of goods, no trade), still... players find reasons to make these stupid additional accounts I think they will find a reason no matter what, like adding one more memebr to their clan so it looks more cool

you've just added a little aggrivation.

Aggraviation does not work too well. If there is a gain, they will do it. You underestimate craziness of a typical player

[JGadrow]

I used to think that so. But my believes are starting to get shattered. I have a game with really low incentive for multis (no transfer of goods, no trade), still... players find reasons to make these stupid additional accounts I think they will find a reason no matter what, like adding one more memebr to their clan so it looks more cool

Yup, I never said people won't make multiple accounts if you remove the incentive. But if it has no actual impact on the game (ie: a non-multi-account player is just as powerful as a multi-accounter) then what's the difference? You should be happy that somebody is so enamored with your game that they spend so much time playing it.

Aggraviation does not work too well. If there is a gain, they will do it. You underestimate craziness of a typical player

This quote was taken out of context. I had meant that "just adding aggrivation" is not an effective means of combating multi-accounts. They'll just gripe a little to themselves while doing it. Then I gave an example of how to take solutions to actually reduce / remove the benefit which would cause a multi-accounter to go... "Well, I'll still get 2 extra gold a day... After 200 days, that's an extra flobbity-jib!" Again, they'll still do it. But now they're not instantly rewarded.

Think of designing against multi-accounting as you would the same way about securing your code. It's impossible to 100% secure it. However, you can throw so many road blocks in their path that it's not really worth it. If they still choose to... at least it'll have no real impact on your game and the other players who prefer onto to have a single account.

[dsheroh]

However please note that if they are already causing trouble and creating multi's an IP ban might not be all that effective as with most ISP's all it takes is to reboot the router to get a new IP address.

Although that's theoretically true, it's not quite that simple in practice.  Both DHCP client and DHCP server devices normally remember the last IP address assigned to the client (i.e., the user's router).  Client devices will generally request in their DHCPDISCOVER message that they be reassigned their previous address and, per RFC 2131, the server SHOULD give the client the same address that it previously had according to the server's records if that address is available and, if not, then the address requested by the client (again, if it's available).  Unless the ISP has specifically modified their DHCP server software to behave differently, the router's IP address will change when rebooted only if, during the reboot, that address was reassigned to somebody else.

In practice, with both US and Swedish ISPs that only offer dynamic IP addresses, I've consistently kept the same address for the entire duration of my time as a customer - generally multiple years - despite many reboots, connectivity outages, power outages, and even multi-week shutdowns while taking trips.  I've only had a DHCP address changed on me once, and that was because the ISP had overhauled their infrastructure and moved their IP addresses into a different range, so my old address was no longer available in their address pool.

Of course, attempting to use IP address to uniquely identify a particular user or device over the internet has other, much bigger problems (mainly revolving around proxies and reverse-proxies), so I'd still try to avoid relying on it if possible.

Seriously, though, the best way to prevent multi-accounting is to design the game and/or system so that having multiple accounts confers no benefit to a player.

Indeed.  Although I don't look at it so much as a matter of "if I design this way, then people won't multi" as of "if I design this way, then it won't matter if people multi, so I have no reason to care if they do".

[Chris]

This quote was taken out of context. I had meant that "just adding aggrivation" is not an effective means of combating multi-accounts.

As they say, you say one thing, people hear another

Indeed.  Although I don't look at it so much as a matter of "if I design this way, then people won't multi" as of "if I design this way, then it won't matter if people multi, so I have no reason to care if they do".

In theory, yes. In practice you can do it only one way, by limiting players' interaction. To get truly non multi incentive game you have to turn the game into a singleplayer game (maybe with just added ranking, like in flash games).

[JGadrow]

Indeed.  Although I don't look at it so much as a matter of "if I design this way, then people won't multi" as of "if I design this way, then it won't matter if people multi, so I have no reason to care if they do".

That's a much better way of stating what my intentions were.

In theory, yes. In practice you can do it only one way, by limiting players' interaction. To get truly non multi incentive game you have to turn the game into a singleplayer game (maybe with just added ranking, like in flash games).

Not true. Take a very classic example: Chess. If you put chess online and had players playing against one another there is only one possibility of multi-account benefit: win trading. And that is easy enough to reduce the likelihood by only allowing randomly matched games to count towards the official record / score / whatever. By all means, let them play anyone they want, but only count it if they had no choice in which opponent they played.

The game can then be played without any need to care if someone is using multiple accounts or not since there is no benefit for those players. The value of multi-accounts arises purely from game and system design decisions. Fix the underlying issues and you don't have to care if someone is making so many accounts that they spend all of their time on your server.

[Sunchaser]

There's a few questions that might be of help then:

What is the point of the "donate to structure" feature?
Is the feature heavily used?
Are the majority of users using this feature as intended, or as an exploit for getting around trading?

Citizens may donate items or money to 'structures' (city castle, royal palace etc). The functionality is not yet heavily used but only for a matter of the small player base. I don't think it is used as an exploit. Up to now, i noticed only the market 'trick'.

PS: I agree with Chris, i think it would be hard to design for making multiaccounting non-beneficial
and it would mean reducing player interaction.

I uploaded now suspension and cancelation of users, and IP banning. Probably i will write down some scripts that warns about suspect transactions, review my TOS for now.

If the situation will go bad I will put some limitations on the send, market and donate functions, if the players have the same IPs.

[codestryke]

Chess is not a multiplayer game (wish I could find the article) it's considered a dueling game where their are only ever two opponents. Same holds true for checkers and various card games that only allow one on one play styles. Now if chess allowed three players then two players could join a temporary alliance to make sure the third party does not win and then Chess would have the same problems as other multiplayer games.

With multiplayer games (games that allow more then two people) you run into a lot of issues. Issues that even the big box companies can't figure out. Try as they will (like us) to take out incentives via design there are always going to be those that find creative ways to create an edge. Box companies (meaning Lord of the Rings Online, World of Warcraft, Everquest) were able to shun a lot of the problems simply because they charge $50 for the box so creating multiple accounts gets expensive but people still did it. Or better yet they have a different can of worms called farming I've never had to deal with that issue but I certainly wouldn't presume to tell the developers how they could simply design away from farming.


Chris is absolutely correct once you start designing away from multiplayer participation in the game you start to basically create a single player game that shows a ranking score for the community.

[JGadrow]

Chess is not a multiplayer game (wish I could find the article) it's considered a dueling game where their are only ever two opponents.

Really? Go around town and ask 100 people the definition of "multiplayer." I'd almost be willing to bet you a minimum of 99 of those people will say, "2 or more players." Since chess has 2 players, it fits the definition of multiplayer.

At most, a "dueling game" would be a specific classification of "multiplayer game."

Same holds true for checkers and various card games that only allow one on one play styles. Now if chess allowed three players then two players could join a temporary alliance to make sure the third party does not win and then Chess would have the same problems as other multiplayer games.

Yes, scenarios where there exist the possibility of uneven teams can not, by their very nature, be balanced. Again, very simple to design for: only 1v1 or XvX games count towards official ranking. You're absolutely free to play a 2v1 or 3v5 game, but you'll receive no "official" credit for that game. So, again, you could multi-account but only players who go into the game knowing they could be at a disadvantage will be playing against you.

In this specific scenario, I'd say that playing in this manner would constitute "cheating" and that's kind of a different subject all to itself.

With multiplayer games (games that allow more then two people) you run into a lot of issues. Issues that even the big box companies can't figure out. Try as they will (like us) to take out incentives via design there are always going to be those that find creative ways to create an edge. Box companies (meaning Lord of the Rings Online, World of Warcraft, Everquest) were able to shun a lot of the problems simply because they charge $50 for the box so creating multiple accounts gets expensive but people still did it. Or better yet they have a different can of worms called farming I've never had to deal with that issue but I certainly wouldn't presume to tell the developers how they could simply design away from farming.

Again, the point is not to prevent multi-accounts but to marginalize their impact. Is it ever going to be perfect? Heck no! But if you're going to tell me that IP banning is a perfect solution then you're lying through your teeth.

I never said there was no value in tracking IPs or intra-IP interactions (you should probably be doing so to determine whether an account may actually be "cheating" as defined by your game). I just think that the current strategy employed by most games of "ban them all!" is a little overzealous and/or lazy. It actually can restrict the spread of your game as well. Imagine a college student really enjoys your game and wants to get all his buddies into it as well. He shows it off to them and about half of them realize it would be a sweet game to play. Well, they all live together in the college dorms. Because of your IP rules, you have now lost several potential players. Same goes for co-workers, members of a single household, etc..

Chris is absolutely correct once you start designing away from multiplayer participation in the game you start to basically create a single player game that shows a ranking score for the community.

To use one of your examples: World of Warcraft. They have chosen not to restrict their clients by IP (and if anyone has the resources to do this well it would be Blizzard) but, instead, they try and balance their game so that the impact of multi-boxers (as they are called in WoW) is minimal.

As you mentioned, there's a hefty buy-in in order to accomplish this. But, money isn't a barrier to everyone so I think of it as an annoyance at best which, as described above, isn't really a way of dealing with multi-accounts.

Secondly, their game is real-time which means the more accounts you try to control at once, the less effective you're likely to be overall. Unless there's been some genetic breakthrough that I'm unaware of, we all only have so many hands.

Even with those in place, some people still chose to multi-box. It wasn't always a bad thing either. In the cooperative sector, a multi-boxer who was actually good at it and had characters comprising multiple party roles could help you to round out a party. However, when they implemented Arena matches (where fair competition is expected) they ran into a new issue: win trading. I've already described how to deal with win trading above.

World PvP is still possible to be ganked by a multi-boxer. But, then again, it's also possible to be ganked by a higher-level player, a gang of higher-level characters, etc.. So, it's not a problem specific to multi-accounting, but something that arises in the nature course of the game itself.

In closure, yes, the big game companies still have multi-accounters. However, they've learned to do exactly as I've suggested: "Minimize their impact and then let them waste their time and money if that's what they want to do."

[Chris]

Take a very classic example: Chess.

Chess does not count. It is a 2 player instanced multiplayer game with shared scoreboard. We were talking about (at least the original poster meant it and that's the default theme of this forum) massive multiplayer non instanced browser games. You design these completely different way.

Chess would be a massive non instanced multiplayer game if:
- there was exactly one board
- no less than hundreds or thousands of player were playing on the board
- players could join in the middle and leave in the middle of a match

only allowing randomly matched games to count towards the official record

You just killed a part of the social interaction, a huge part of it I would say. You disallowed real life friends/family/coworkers to enjoy part of the game. And no, saying "you don't have to play for score, you can play for fun" does not count as a valid excuse

[codestryke]

Ok we'll call chess a specific classification of "multiplayer game", which still doesn't address the situation at all. Chess was designed as 1v1 and the problems with designing a multiplayer game like the ones we are discussing here do not come close to an accurate comparison.

The ideas you had about trading I already tried and they still are not effective and something of that nature throws off game balance immensely as those with more can trade more and those with less cannot so you get a king of the hill situation. These are things you learn when you design a game that people actually play and start to get competitive with.

No system is perfect as you pointed out. However when you start to lessen the impact what you are essentially doing is lessening the importance of the said item in the game to the point that you circle around to the beginning statement. You might as well make a single player game that keeps a high score.

Finally the original question was how do I ban an IP, the question was answered. He didn't ask if it was a good idea, he didn't ask the merits of IP banning he asked how. No IP banning isn't the best way to go about things but sometimes it's exactly what is needed.

[Chris]

I consider all exchange/trade/market features as a hot patato and avoid holding it in my hands/games So, people who have these in your games, how troublesome these really are? Is it worth it? Do these features add much to your cheating volume? Are these time consuming to maintain and supervise? Is the ratio of additonal interaction to additional problems good enough to allow such features?

[JGadrow]

Ok we'll call chess a specific classification of "multiplayer game", which still doesn't address the situation at all. Chess was designed as 1v1 and the problems with designing a multiplayer game like the ones we are discussing here do not come close to an accurate comparison.

Agreed, chess (as originally designed) is a 1v1 game. However, you gave the line of thought that it could have multiple players. So, I took 30 seconds and redesigned it so that it could be a massively multiplayer game. Granted, it would take FOREVER for people's turns to come up, but it would - to all important qualifications - be a MMOG.

The ideas you had about trading I already tried and they still are not effective and something of that nature throws off game balance immensely as those with more can trade more and those with less cannot so you get a king of the hill situation. These are things you learn when you design a game that people actually play and start to get competitive with.

This is a very good point. However, that issue would be easy to correct. Instead of a percentage-based cap, it would be a static cap. As far as the "rich get richer" phenomenon. Very few games actually manage to curb this. After all, we haven't been able to figure out how to stop this from happening in the real world why should we expect it not to happen in our virtual ones?

No system is perfect as you pointed out. However when you start to lessen the impact what you are essentially doing is lessening the importance of the said item in the game to the point that you circle around to the beginning statement. You might as well make a single player game that keeps a high score.

This statement is only true some of the time. A system that only lets you do something a limited number of times can make it less important. Paradoxically, it could also make the activity more important! Imagine you're only allowed to send 1 in-game message per day. You would probably save that message for an emergency situation. Also, not everything needs to be balanced in a quantitative manner. As I said above, you can allow unbalanced games to be played (because sometimes someone wants to try their luck with the odds stacked against them) but you only allow random matches to count towards the public score board as you put it.

That would be for the "match-style" games like chess, etc.. In a MMOG, you could limit the attack function so that you're only allowed to attack a force that is composed of an equal or greater number of defending players. This system has not made combat any less important, it has simply made it so if a player is multi-accounting, they need to beat up on people with at least as many people as they have to attack with. Obviously, other abuses are possible that aren't related to multi-accounts, but that deserves its own topic. Actually, this whole thread of the conversation probably does come to think of it... lol

Finally the original question was how do I ban an IP, the question was answered. He didn't ask if it was a good idea, he didn't ask the merits of IP banning he asked how. No IP banning isn't the best way to go about things but sometimes it's exactly what is needed.

When posting on a public forum, the basic assumption when posting should be: "Hey, I've got an idea. Any help with the idea? Pros? Cons?" A forum is a means of facilitating a discussion. If it was meant to be a simple Q&A, then there would be a function for the OP to lock the thread after their question was answered. But, that's definitely off-topic and it's your forum so I mean that only in a general sense.

[Sunchaser]

When posting on a public forum, the basic assumption when posting should be: "Hey, I've got an idea. Any help with
the idea? Pros? Cons?" A forum is a means of facilitating a discussion. If it was meant to be a simple Q&A, then
there would be a function for the OP to lock the thread after their question was answered. But, that's definitely
off-topic and it's your forum so I mean that only in a general sense.

What Codestryke says is true, I had to solve urgently a problem (a user who get caught cheating and creating several users after the banning of previous ones), it was a question of solving quickly a problem, I didn't ask for an opinion if it was a good idea or not.

I am not saying that the iP ban is the right thing, i am aware of problems of schools, workplace, etc. A possible solution (although is not perfect) could be to put in Tos that the multiIP have to be declared previously to the staff; then they will be marked as 'allowed' and they will not be included in the multiaccounting reports.

I can agree with JGadrow that if one designs the game in a way multiaccounting does not give advantages i would not need to check for multis, but this would mean making the game less interesting to the majority for handling few (hopefully few cheaters.