How do I secure my HTML5 export?

Post reply

❤Follow Topic(4)

0 favourites

8 posts

From the Asset Store

Gif

Jumpy Hedgehog C3 HTML5 Casual Game

$8 USD

Jump on the mole rats and see how far you can go!

01smile

- mohammad_82
- - Joined 13 Nov, 2021
  - 1 topics • 5 posts
- 1
- 23 Dec, 2023
- Quote
Hi guys.

I have an HTML5 export of my game, but the score inside is hackable.I wanted to see what I should do so that users cannot access the score and it is sent to server.

How and from which plugin (now I use ajax) should I send the score to be safe.

Is it possible to do something through scripting?

I talked to a programmer and he said that since it is a front-end output, nothing can be done for its security; But should be a way. Unfortunately I don't know anything about programming and this issue of security is bothering me a lot, if you can guide me.
Tagged:

constrain
html5
security
- dop2000
- - Joined 26 May, 2016
  - 134 topics • 12,112 posts
- 1
- 24 Dec, 2023
- Quote
You can implement some encryption or hashing:

howtoconstructdemos.com/protect-sensitive-data-in-your-game-from-cheaters-and-hackers
It will still be possible to hack your game, but this will take considerably more effort.
- mohammad_82
- - Joined 13 Nov, 2021
  - 1 topics • 5 posts
- 1
- 24 Dec, 2023
- Quote
Thank you very much. I'm doing this with CBhash plugin, but as you said it's not enough.

Can you suggest another way?
- dop2000
- - Joined 26 May, 2016
  - 134 topics • 12,112 posts
- 1
- 25 Dec, 2023
- Quote
No need to use an addon, there is now an official Cryptography plugin in C3.

But 100% protection is still not possible, this will only make the job a bit more difficult for hackers.
- mohammad_82
- - Joined 13 Nov, 2021
  - 1 topics • 5 posts
- 1
- 29 Jan, 2024
- Quote
No need to use an addon, there is now an official Cryptography plugin in C3.

But 100% protection is still not possible, this will only make the job a bit more difficult for hackers.

Thank you very much. Besides cryptography, what is your solution for more security? Even if there is a solution for processing on the server, which is good, security must not be provided from within the game.
- Ashley Construct Team Founder
- Moderator
- - Joined 21 May, 2007
  - 668 topics • 30,067 posts
- 2
- 30 Jan, 2024
- Quote
There is no fundamental solution. A client-side game can always be hacked. All you can do is throw a few hurdles in the way to make it harder.
- mohammad_82
- - Joined 13 Nov, 2021
  - 1 topics • 5 posts
- 1
- 30 Jan, 2024
- Quote
There is no fundamental solution. A client-side game can always be hacked. All you can do is throw a few hurdles in the way to make it harder.

Thanks a lot. So how do applications like "Gamee" do it? How do we secure the server side? By protecting the requests? And if it is practical, how? can you guide me?
Try Construct 3

Develop games in your browser. Powerful, performant & highly capable.
Try Now Construct 3 users don't see these ads
- Ashley Construct Team Founder
- Moderator
- - Joined 21 May, 2007
  - 668 topics • 30,067 posts
- 1
- 31 Jan, 2024
- Quote
They probably also just throw some hurdles in the way to make it harder and so are still hackable, unless they have a full server-side approach. Having a server-side gameplay system is extremely complicated and would often require rearchitecting the entire game, as it works more like a multiplayer game (with the server being a host and the player just acting as a peer in a remotely-hosted game). That could well be more effort than making the game in the first place, so it can be difficult to justify.

I'd say: who cares? If some people hack the game, let them. If you have a global hi-score board, yep, it'll get hacked. Often games just show scores for you and your friends, or other people with similar scores, rather than just the top scores, so obviously fake top scores never appear anyway. You can also moderate your scoreboard so obviously fake scores (e.g. 9999999999) get deleted.