In my previous Web Game post, I described my game server technology stack. It’s a conventional HTML/CSS/PHP website, but uses PostgreSQL as the database and has a C# Game Processing Engine that is run at regular intervals.
Running a VPS/Dedicated server Is a Job
If you’ve been used to running a website managed by a hosting service provider (HSP), i.e., most of them, you only see the tip of the iceberg. The HSP’s staff do everything to keep the Web server in tip-top shape, upgrade it for patches, hardware, etc. They’ll do preventative maintenance, clear or expand disk space, respond to zero-day threats and anything to keep the bad guys out. They are unsung heroes and we never see them if they are doing their job right.
Now unless your dedicated server/VPS is fully managed, you will have to risk a few sleepless nights. If you can afford it, you can hire staff or pay third party companies to monitor and/or protect your website. If not, then welcome to their world!
It’s not terribly onerous once all the ground work is done, and more a matter of common sense. But there are certain things you have to put in place, plus you should design your software to consider itself vulnerable so it can preempt threats. Accept the fact that some perp may hack your site anyway, and have a plan to get it restored.
Things like closing all ports that aren’t needed. Making sure all software updates are applied (When I got my Windows 2008 R2 VPS, it needed 54 Windows Updates!). Store passwords in databases in encrypted form, etc. This question on StackOverflow and its answers should be required reading for every Web developer.
Keeping Things Secure
Having had a couple of websites hacked, I’ve started looking into setting up a 10-minute cron job that emails me if the Cyclic Redundancy Check of the home page script (not the page itself) changes. If an attacker gains root access to your server then it’s almost game over until you regain control. But at least this way you find out fast.
Likewise the database server can be remotely accessible during development, but once your game is released, remove external access. This assumes that a working backup/restore solution has been put in place.
The point of a backup is that it should let you restore the game with as little data loss as possible should a crash or hack occur. Expect that this will happen at some point, and test that you can recover from the worst possible case. Assume that all is lost and needs a complete restart.
If the worst happens, how long will you need to reinstall all the software (webserver + patches, database, game data and code?). If you have a good HSP, they may let you make a clone image of your empty setup. Save it somewhere handy so all that all you need to do is copy back the game code and data to get it working.
Source Code or Binary?
The good thing about PHP is that it’s a script language and you don’t need to compile it, so code changes are easy. The bad thing is that it’s a scripting language and an attacker who gets into your box can steal your code. There are several ways to avoid this:
In my case, I’m looking at Option B with Phalanger, since my game is running on a Windows VPS. It’s not just for the extra security, but generally compiled code is faster than interpreted code. Compiled code means it is converted to low level code that the processor understands. Normally PHP is interpreted, which is slower though various optimizations have been done to speed it up. Facebook’s HipHop Converter is supposed to get 2-6 x speed up, and it’s Open Source so anyone can use it.
While in development, just use it normally with the occasional compilation to test that it works. It’s not worth compiling all the time because of the extra overhead imposed. PHP is popular because it’s easy to work with, make changes to, etc. It’s best to regard compilation as a final to-do, left for releases deployed to the server.
My game isn’t real-time but turn based, so it does a backup before the turn is processed and then one immediately after. This way if there’s a bug in my software that crashes the system (it happens, you know), it’s possible to use the game data to rerun the turn, find the bug, fix it and carry on.
When The System is Down
Find some way to display a message so players can see you’re working on a fix and update it periodically. Generally players are forgiving if you keep them informed. But keep them in the dark, and they’ll walk.