Tahir asked

Massive limit costs due to attack

How does playfab handle limits being breached due to obvious attacks?

I know it was mentioned somewhere that playfab will make attempts to limit actions based on IP but I'm seeing things like:

> 55k logins from one ip in 24 hours

> 88k entity events

While I understand I should limit unused APIs, sometimes you can't know what's missed until it happens. Also a lot of the docs aren't quite clear as to how to limit stuff; for example, I made use of UpdatePolicy to do:

Resource = "pfrn:api--/Client/WriteEvents"

It returns success, yet shortly after, I'm still being warned about exceeding limits?

Whom do I speak with regarding billing?

Thanks for your time.


1 Answer

Gosen Gao answered

PlayFab limits client requests based on IP address; the limit is 100 calls per 2 minutes. Although "55k logins in 24 hours" is an obvious anomaly, it does not exceed the limit (about 72k requests in 24 hours). You should analyse the events data to figure out whether it is caused by a script or not, because the case can look similar if players are using a VPN service. You can ban the IP address with the API BanUsers to stop the attack if you find that it was caused by a script. Please note that banning the IP of a service (relay server) may cause massive reports from the customers. You should be very careful doing this.

As for events, the ApiPolicy can't restrict the entity APIs, and WriteEvents is one of them. Besides, some actions generate events automatically, such as login. So part of the "88k entity events" should be generated by login. It can be reduced by banning the IP.

Regarding billing questions, you can submit a request via Contact us.

2 comments

Tahir commented ·

Is it possible to find out PlayFabIds that make a certain API call using the data analyzer?

Gosen Gao commented (replying to Tahir) ·

You can filter the events based on the EventName and PlayFabId in the Data Explorer to do that; please note that the events and APIs are not one-to-one. If you want to record events about a specific API, you can create custom events to implement it. Here is the built-in events list, you can have a look.

I think you should also check the login method to see if the custom ID has a regular pattern.

Here is a sample for your reference.

['events.all']
| where FullName_Name == "player_logged_in"
| where Entity_Id == "D85738AD34F5F820"
| sort by Timestamp

For more information about Data Explorer(Advanced mode), please refer to Getting started with Data Explorer advanced mode.

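A triage script for the two checks discussed in this thread (the answer's per-IP rate analysis against the 100-calls-per-2-minutes limit, and the comment's Data Explorer filter plus the "regular pattern in the custom ID" check), written as an added example that is not PlayFab's code or the answerer's. It assumes login events have been exported from Data Explorer as rows carrying the field names from the sample query (FullName_Name, Entity_Id, Timestamp) plus assumed Ip and CustomId fields; the sample rows below are constructed, not real data.

```python
"""Triage exported PlayFab events: per-IP rate vs. the 100-calls-per-2-minutes
limit, plus a check for mechanically generated (sequential) custom IDs.

Added example, not PlayFab's code. Field names follow the Data Explorer sample in
the thread; Ip and CustomId are assumed export fields. All rows are constructed.
"""
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

LIMIT_CALLS = 100                      # stated per-IP limit ...
LIMIT_WINDOW = timedelta(minutes=2)    # ... per 2-minute window
# Sustained ceiling a single IP can reach in a day without tripping the limit
# (the answer's "about 72k requests in 24 hours").
DAILY_CEILING = LIMIT_CALLS * (timedelta(days=1) // LIMIT_WINDOW)

# Constructed export: one IP logging in 150 accounts once a second (script-like),
# one IP logging in a single player a few times, and one non-login event.
SAMPLE_EVENTS = [
    {"FullName_Name": "player_logged_in", "Entity_Id": f"E{i:016X}",
     "CustomId": f"bot-{i:05d}", "Ip": "203.0.113.7",
     "Timestamp": (datetime(2023, 1, 1) + timedelta(seconds=i)).isoformat()}
    for i in range(150)
] + [
    {"FullName_Name": "player_logged_in", "Entity_Id": "D85738AD34F5F820",
     "CustomId": "9f3c2a7e-user", "Ip": "198.51.100.4",
     "Timestamp": (datetime(2023, 1, 1) + timedelta(minutes=5 * k)).isoformat()}
    for k in range(3)
] + [
    {"FullName_Name": "player_statistic_changed", "Entity_Id": "D85738AD34F5F820",
     "CustomId": "9f3c2a7e-user", "Ip": "198.51.100.4",
     "Timestamp": datetime(2023, 1, 1, 0, 12).isoformat()},
]


def filter_events(events, name=None, entity_id=None):
    """Python equivalent of the thread's Kusto filter: optional FullName_Name and
    Entity_Id equality, then sort by Timestamp (ISO strings sort chronologically)."""
    rows = [e for e in events
            if (name is None or e["FullName_Name"] == name)
            and (entity_id is None or e["Entity_Id"] == entity_id)]
    return sorted(rows, key=lambda e: e["Timestamp"])


def peak_window_count(timestamps, window=LIMIT_WINDOW):
    """Highest number of calls that fall inside any sliding window of `window`."""
    peak, live = 0, deque()
    for t in sorted(timestamps):
        live.append(t)
        while live and live[0] <= t - window:   # drop calls older than the window
            live.popleft()
        peak = max(peak, len(live))
    return peak


_NUMERIC_SUFFIX = re.compile(r"^(.*?)(\d+)$")


def sequential_custom_ids(custom_ids, min_run=10):
    """Return prefixes whose numeric suffixes form a contiguous run of at least
    `min_run` values, e.g. bot-00000 .. bot-00149: a sign of generated accounts."""
    groups = defaultdict(set)
    for cid in custom_ids:
        m = _NUMERIC_SUFFIX.match(cid)
        if m:
            groups[m.group(1)].add(int(m.group(2)))
    return sorted(prefix for prefix, nums in groups.items()
                  if len(nums) >= min_run and max(nums) - min(nums) + 1 == len(nums))


def ip_report(events):
    """Per-IP summary: call count, peak 2-minute burst, distinct players,
    whether the burst would exceed the stated limit, and suspicious ID prefixes."""
    by_ip = defaultdict(list)
    for e in events:
        by_ip[e["Ip"]].append(e)
    report = {}
    for ip, rows in by_ip.items():
        peak = peak_window_count(datetime.fromisoformat(r["Timestamp"]) for r in rows)
        report[ip] = {
            "calls": len(rows),
            "peak_2min": peak,
            "distinct_players": len({r["Entity_Id"] for r in rows}),
            "over_limit": peak > LIMIT_CALLS,
            "sequential_custom_id_prefixes": sequential_custom_ids(r["CustomId"] for r in rows),
        }
    return report


if __name__ == "__main__":
    logins = filter_events(SAMPLE_EVENTS, name="player_logged_in")
    for ip, summary in ip_report(logins).items():
        print(ip, summary)
```

The burst count is what the per-IP limit actually measures, so an IP with a high daily total but a low peak_2min (many VPN users sharing an exit address) looks different from one account-per-second script; a high distinct_players count together with a sequential custom ID prefix is the combination the comment suggests looking for before deciding to ban.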