Search Unity

  1. Unity 2019.1 is now released.
    Dismiss Notice

Banning IP ranges from joining your server.

Discussion in 'Connected Games' started by kennethcarrington2018, Dec 8, 2018.

  1. kennethcarrington2018


    Apr 12, 2018
    I am creating a server system and so far things are working very well. I have however been concerned about people trying to change their IPs so they can evade an IP ban system I am trying to create. I have thought about not only banning the user's IP, but banning their router so that any computer connected to it will be unable to join the server. How can I ban their router?
  2. JTovey


    Unity Technologies

    Oct 30, 2018
    Hi Kenneth,

    Banning whole subnets might not be advisable in this situation, as you could ban other players who use the same ISP. One suggestion would be to have the client generate a UUID, or pull one from a service like Steam, and use this to ban players instead. One example of Unity games that do this is Rust, as it is hard to spoof this value.
  3. TwoTen


    May 25, 2016
    Authentication is the most common tactie to stop this. However, I have to disagree somewhat with @jackt_unity.
    Authentication for this purpose (ignore the data collection part), can be broken down to some form of work that is needed to prove you are different to someone else. An example can be email verification, steam account verification etc. Just generating a UUID locally is not helping. But collecting emails and passwords is not something one should do themselves, thus services like Playfab exists. But the best option is to use your distribution platform to make it as easy as possible for the user. A great example is Steam, their SDK can be used for authentication. More advanced techniques include device fingerprinting etc, but it's generally left as it requires a lot of development in comparison to the benefits it will give you. One form of identity that actually requires work is Teamspeak3's "Identity Security Level" concept. Really interesting that does computation to "strengthen" an identity.

    Here is a good place to start reading:
    Last edited: Dec 9, 2018