I’m interested in creating a game, and was hoping to get some advice for keeping things secure in a login database.
I’d like to use VaRest, with MySQL but unsure how to go about this and the security/integrity of my database.
I’ve read that if not done correctly is a hackers paradise, could anyone elaborate on how?
Any guidance in setup, and security/ more on how it works would be greatly appreciated.
Thanks!
The basic rule is: all business logic runs on the server, client is just a dumb terminal. Your client will connect to a server that runs code (PHP, Java, Python, Node or whatever) which does all the database work and data validation.
(It is possible to secure a direct connection to the database by using triggers, but ultimately you’re still running business logic server side. This is more dangerous because you need much more MySQL knowledge to lock it down than you’d need by making a server-side application that can only what you program it to do).
But, unless you have lots of resources and previous knowledge on such things (which doesn’t sounds to be your case), I strongly advice against rolling your own login systems nowadays. There are solutions out there for login systems (oauth) and game server back-ends (like GameSparks, which does have an UE4 integration).