Sign in to follow this  

Online database security

This topic is 3108 days old which is more than the 365 day threshold we allow for new replies. Please post a new topic.

If you intended to correct an error in the post then please contact us.

Recommended Posts

Hello guys, I am newbie in database\network programming. I want to add some online stats (best players etc) for simple logic game. Idea is to host database (MySQL in my case) on some server provided by 3rd party provider (only DB hosting, no additional server logic). Database access params (login\password)can be obviously gained by potential attacker by stepping through program code. This information can be than used by anyone to modify database, what is something I don't want to happen :) Are there any common solutions for this problem ? Many thanks ! Petr

Share this post


Link to post
Share on other sites
Databases must never be exposed to internet. Only required functionality should be provided through some interface, but not direct DB access.

There is no solution to validity of data submitted by users outside of your enforcable control.

The only way to ensure integrity in this case is to host the games on server, and present the stats through read-only interface (web page or similar).

Share this post


Link to post
Share on other sites
The architecture you need is generally a database server coupled with an application server. The game submits stats to the application server, and the application server stores in the database.
You identify users through some account they create (say, email + registration code + password). If you find that a user is cheating, you can delete data from that user from the database. To avoid users just creating new accounts, you have to charge for account creation (hence the registration code).

Share this post


Link to post
Share on other sites

This topic is 3108 days old which is more than the 365 day threshold we allow for new replies. Please post a new topic.

If you intended to correct an error in the post then please contact us.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

Sign in to follow this