Client and Server seperation for security purposes

Hello,

I’m newbie in UE but an old programmer in C++ and I have questions in my mind! A lot!

Recently I’ve been watching some Networking tutorials and reading some articles about Server/Client replication and all other stuff. (RPC etc.)

In online games that I’ve worked or I made were had simple reaction connection protocols.

C:Client

S:Server

C > Presses Move Key \ Local Client Checks Collision \ Sends a Package with Interaction Header (or Struct Contains Vector and Velocity etc.)

S > Checks Collision \ Calculates New Position \ Changes Position in Memory or Instance \ Sends Update Package including near clients and reference client

C > Gets Package Update \ Updates Position of Itself

That’s all. Let me give you another example.

Login Server - World Server - Database Server

I always coded them seperated for performance, security and reliability purposes. (%99 on Linux or in any BSD servers, never ever Windows) Here I will try to explain my methods and organization between them. For synchronization I use TCP handshake with timestamp. (UDP For pinging and lesser heavy stuff.)

  • Client tries to connect server.
  • Client sends ping to login server, receives it back and THEN sends user login information.
  • Login server connects (Actually there is always Async connection between them) to database server.
  • Database server runs query and sends it back to Login server.
  • Login server sends response back to Client. (If it’s success or failed)
  • If it’s success, Login server sends whole information to World server and World server creates an instance of player. (With unique XTEA key or something like that for security purposes).
  • World server sends that key to Login server. Login server sends IP/Port/Key configuration to Client and closes network connection.
  • Client connects to World Server and Voila!

And I’ve made all these in C++. But when I look UE networking I am REALLY confused. I read some stuff on here, there but I didn’t completely understand.

For example, my game has a unique luck system or drop system that I don’t want to be exposed or cracked. For example, my client application wants to connect MySQL or MsSQL server (For instance, he made a new item and needs to store it) but I doesn’t want it to be expose it’s IP/Port? How? When I ship my product, does “Has Authority” function cleanse all related function? I’m really confused… Help me!

Thanks in advance …