Server side anti cheat methods for simple slotmechine game

[umen]

Hello all

im new to this forum as user who post questions .

so i have simple slot machine game that is using simple http post methods to update the server ( netty )

now im in the stage of securing the game , so evil user will have hard time to hack and get the system cheated

i know its a big subject , and i what to learn some basic model to implement in the server to try to prevent some frauds .

where should i start ?

thanks

[gin5eng]

You need to make your server authoritative over the clients. Which means you need to move the logic that controls the slot's position  and player coin counts onto the server side if it isn't there already.

 

Here's a quick timeline of events:

1. User pulls down lever or whatever to start the slots spinning. Start spinning animations.
2. Client send request to server for final resting slot positions. Keep it simple request like "getPositions" or something.
3. Client receives resting positions from server and resulting player coin count from server.
4. Slots animate to positions received from server and update coin count display.
   

Basically you never want to have to trust the client for ANY information. There are a few exceptions like user login/forms.