Simple usage of APCu caching in your project & simple DDOS protection (PHP)

Simple APCu caching in your Project & nonCDN BruteForce protection

I beca­me obsessed with RAM caching and i try to keep pushing eve­ry sin­gle mil­li­se­cond down. (Whi­le tal­king about thou­sands of requests per second, eve­ry mil­li­se­cond mat­ters). Here is an exam­ple of caching rare­ly chan­ging json file. I tried to keep it cle­an for rea­da­bi­li­ty when quick­ly loo­king throu­gh code and as quick as possi­ble (per­for­man­ce).

TORs Online 13.Feb DevLog

Scre­en­shots 13.02.2016

01 02 03 04

Most­ly i have impro­ved visu­al side of sec­tor ren­der. Laten­cyme­ter (Ping) tends to be dis­tor­ted by cli­ents machi­ne per­for­man­ce of syn­chro­nous tasks befo­re real ser­ver respon­se, the­re­fo­re rather than real laten­cy, it moni­tors time just right befo­re ser­ver is called and right after some litt­le whi­le after rece­i­ving. With lower CPU/GPU per­for­man­ce on “HD opti­on”, it can go up to higher num­bers without real ser­ver laten­cy being incre­a­sed.
I wouldn’t call this a “bug” and for now i don’t intend to sol­ve “laten­cyme­ter” moni­to­ring really only ser­ver respon­se.

Impro­ve­ment” of UI (login/register form), impro­ve­ment and impe­men­tati­on of new spri­tes

Video 05.03.2016

Video 08.02.2016

Game Project, WIP name “” (TORs)

1st Feb 2016 Scre­en­Shot

  • MMORPG game based sole­ly on HTML, CSS,JS+jQuery with turn based com­bat
  • JRPG sty­le, PVE (solo/group [max 3]/dungeons/bosses), PVP(casual — offli­ne and livePVP/ranked/3v3/Total PVP Ser­ver “Cha­os mode” — PVP com­bats ran­do­mly inser­ted between PVE encoun­ters — lorewi­se: Pla­yers have gone mad under some kind cur­se in the realm, so eve­ry­o­ne see each other as mon­sters)
  • Main sto­ry line, side quests, each ser­ver will have unique and dif­fe­rent map.
  • Unique items drop­ped from ene­mies (ran­dom stats, all item stat effects will be per­cen­tu­al) ove­rall cha­rac­ter stats max cap.
  • Possi­ble micro­transacti­on sys­tem — only visu­al items. Sub­scrip­ti­on (some­thing like 5$ a mon­th, just to sup­port cre­a­tors) — no wai­ting time after death and lower XP dept after dying?
  • Pro­ba­ble sup­port of all sys­tems (basi­cally all sys­tems, that have modern web brow­ser — WIN, OSX, Linux, IOS, Andro­id + Con­so­les?)
  • So far very good RAM usage, just the nwjs after log­ging in and ren­de­ring a sec­tor, who­le pro­cess takes only 25MB of RAM.
  • Pixel art” gra­phics, opti­on to turn on “pret­tier” gra­phics — bet­ter weather effects and 3D world effect with per­specti­ve (not just from top down)
  • Game con­ta­ins one main html, which is affec­ted and modu­la­ted by con­t­rol­ling javascripts, which can call each other and run functi­ons.
  • It will be basi­cally impossi­ble to che­at in the game, because user peri­o­di­cally reads a game sta­te from the ser­ver eve­ry second (so far qui­te good TTFB spe­eds 30–50ms on PHP7 free hos­ting endo­ra)
  • Main con­t­roll algo­ri­thm will run once in a second (mea­ning the ser­ver will be “1tick”)
  • Game has sim­ple bru­te-for­ce pre­ven­ter + you need to autho­ri­ze from each new IP add­ress via email — unau­tho­ri­zed IPs will have que­ry limit once in a five seconds (Bru­te­For­ce part of script pre­ven­ting attacks have not yet shown nega­ti­ve effect on TTFB)
  • All infor­mati­on about pla­yers, par­ta­ken fights, tra­des and so on (basi­cally all acti­ons) will be zlib com­pres­sed and recor­ded, ser­ver will also peri­o­dally bac­kup the DB once a day for possi­ble roll­backs.
  • DB is local based in json for­mat, passwords are bcryp­ted, user after suc­cess­fully log­ging in will rece­i­ve an access token, valid only for logged one current IP. Token will be used for com­mu­ni­cati­on with ser­ver inste­ad con­stant reva­li­da­ting the password. Token will be used for peri­o­di­cal rea­ding of “gamesta­te” and also for sen­ding an acti­on requests to ser­ver. With access from unau­tho­ri­zed IP — possi­ble hac­ker could guess the right token to user­na­me (high­ly unpro­ba­ble with possi­ble frequen­cy of 1 guess in 5 seconds — the token will be revo­ked and dele­ted from data­base and the real user will be asked to reva­li­da­te his login with new token.
  • World map — with own PHP tool, the world is gene­ra­ted from an map image (png 2000x2000) -> 4M tiles into smaller sec­tors 50x50 -> 1600 smaller sec­tors (~7.33kB sec­tor, ~11.7MB who­le world). Pla­yer down­lo­ads and caches sec­tors he has visi­ted even for futu­re use.
  • Free hos­ting like an Endo­ra (PHP7, limit 3 simul­ta­ne­ous pro­ces­ses at once) could possi­bly take care of 60 pla­yers at once without any lag and issu­es. Esti­ma­ted ban­dwi­d­th per second is gues­sed to be 0.5–1kB/s per user.

 

Per­so­nal notes:
(most of the time just stuff that comes to my mind during a day and i “wri­te it down” via my pho­ne)

Levels:1–10 (to start with)
XP to level:8,12,18,27,40,60,90,135,200
killXP:25% +/- for each level dif­fe­ren­ce

Tra­de double hand­shake — after agre­e­ing to tra­de, you will have to agree once aga­in to can­cel out possi­ble scams.
Weather,Day/Night Cycle, Light/Shadows (sha­dow inset), rain, clouds, storms, weather affecting com­bat, lowered visi­bi­li­ty?