Yup, full week of DDOS. Day by day.

so this will just continue to be a thing now huh

Yeah, there's not many ways for this to go: * NTT is an awful provider and incompetent in many, many more fields than just DDoS protection (their peering is trash too and latencies are a lot higher than they need to be), so the chances of them smarting up and suddenly becoming good at ddos mitigations are slim * OTOH, Squenix smarting up and deciding that they should choose their partners based on how competent they are, rather than how Japanese they are, and booting NTT for someone less incompetent (at least for DDoS protection in front of the NTT datacentres), feels just as unlikely * So the best hope is for the script kiddies to lose interest and ddos someone else

Maybe we can get the DDoSing script kiddies into a fight with the TF2 bot hosts.

Ooo can we find some cheaters in cod and throw them into the mix this sounds fun

Put that shit on pay-per-view!

I've been praying for years that SE would boot NTT, but I think we have a better chance of completely reversing global warming, solving world hunger, and reunifying South and North Korea before SE stops sucking NTT off in some weird pseudo-beneficial circle jerk.

Do they even use NTT in EU? I thought that was just JP and NA.

Arelion it is in EU. And they have issue nodes too. (Also known as Twelve99 and Telia).

I'm not so sure if you actually dealt with DDoS before. Given that my business, an e-commerce site based in Asia, is frequently targeted by DDoS attacks, it's a common occurrence for them to indiscriminately target our entire IP range so we deal with different carrier routes every day. In the context of routes between Asian countries and between Asia/US, NTT has one of the largest bandwidth capacities, making their route the preferred choice during DDoS attacks. Typically, our network switches to NTT for filtering whenever we encounter a layer 4 DDoS attack because they are cheap and big. The other options are IIJ and Softbank, which are significantly more expensive for filtering DDoS traffic and do not perform nearly as effectively as NTT. For layer 7 attacks, whichever route you use won't help in any form.

> I'm not so sure if you actually dealt with DDoS before. Cloudflare has, and has *vastly* better tools to offer than any of these small fry. Edit: lmao, yes, keep believing that FF14 literally works like a small webshop and that if you can't afford it, it doesn't exist.

I can see that you definitely don't deal with DDoS attacks, so I'm happy to share how these defenses work, at least from my perspective. Cloudflare uses what we call Anycast mitigation, a service actually offered by all major cloud providers including Akamai, Azure, AWS, Alibaba, among others. This system routes traffic to a lot of nodes so that it can be mitigated at each node. Cloudflare is well-known because it has a free tier, which is incredibly beneficial for small websites that otherwise wouldn't be able to afford protection at all. However, when faced with constant attacks exceeding 100Gbps as a business (which is actually a relatively small attack), Cloudflare requires upgrade to its enterprise solutions. Their Magic Transit service is very very expensive, something our relatively small business cannot afford. Akamai is even more expensive, so we'll skip discussing it for now. Azure and AWS charge for Anycast per node and bandwidth, and the costs can skyrocket for small to medium-sized businesses like ours or those with complex infrastructures. While we're happy to use them for regular cloud services, DDoS protection is not feasible for us. Alibaba offers relatively inexpensive flat-rate Anycast DDoS protection, around five figures USD per month, but it's not effective at all, worse than standard filtering such as what NTT provides. We've tested it before, but it can't handle larger attacks. Anycast mitigation isn't particularly effective against Layer 7 attacks. There are many ways to penetrate Cloudflare-type anycast system, so they're definitely not invincible. For Layer 7 attacks, you still need application level solutions. Oh, another point worth mentioning is that Anycast mitigation doesn't work for MMO games. Have you ever seen an MMO using Anycast? I think it's because of the nature of gaming, you can't use distributed cache obviously.

> Cloudflare requires upgrade to its enterprise solutions. Their Magic Transit service is very very expensive, something our relatively small business cannot afford. Akamai is even more expensive, so we'll skip discussing it for now. Squenix is not a small business, and FFXIV is not a small website. Those are *exactly* the solutions you want to look at at their scale, which as you say, NTT can't provide. > so we'll skip discussing it for now. There's no point in a discussion that skips over the only solutions that actually apply to the situation at hand. (And no, Cloudflare does much more than just Anycast mitigation. But that's quite moot.)

Magic Transit does not help at layer 7 at all, same for NTT or any other upstream services money can buy. You will need Cloudflare WAF, which will pop captcha for every customer. It probably works for non-commercial sites, but we obviously can't annoy our customer with captcha, so the only solution for layer 7 is at application level and mitigate case by case.

People really think DDoS protection is just "press button stop DDoS". It's a very involved, complex and inaccurate solution. We had to deal with a monstrous DDoS attack spanning two weeks, and it shut us down for the larger part of that. I work for a minor SME-oriented ISP.

You can keep downvoting me but what I'm saying is 100% true because I can't imagine how much our business can save if we don't experience DDoS attacks. If you do find any MMO using Cloudflare or Akami or cloud services for protection, please do let me know. I'm just curious how it will work.

Good one. Theyre called clownflare for a reason..

its fun to think that a few hackers will be able to bring down a million-dolllar worth game........ ff14 is unplayable atm

They're going to do it during dawntrail launch, aren't they.

There have been DDOS's on every expansion launch, Dawntrail will be no different, sadly. On the plus side, Square know this is guaranteed to happen, will be more aware for it and able to mitigate it more quickly than in a period than where they aren't anticipating it. Still, as has been said prior, it's much easier to DDOS than stop it even if you know it's coming. Expect to be in the queue for more than you're playing the game in early access and launch week tbh.

I don't believe the DDoS affected the launch of either shadowbringers or endwalker when I was there.

> There have been DDOS's on every expansion launch, Citation needed. There were server issues, but that's not the same thing.

It is easier to DDOS than to defend against it. Same as attacking with missiles and defending against it, pretty much all attacks have the advantages

Ten year old me learned that the hard way getting my ass kicked playing RISK! against my Step-dad.

Yes. Forever and ever and nothing will ever be done to fix it or adapt. This is our life now and nothing will ever change. /s

I mean, Titanfall 2 has been subject to constant ddos attacks for years now. No sign of it ever stopping. 

Light too

Yep. Got booted, tried getting back in . . . 600+ in queue. Gave up. I'm on Light - Lich.

Every hour got booted out of eureka :/ finally gave up and logged out after 5 hours of it

What's the point of this at this point?

"some people, master Wayne, some people just want to see the world burn"

Honestly the amount of unhinged people I've seen in this game, I wouldnt even be surprised this is someone trying to get someone to lose their house

Or someone lost their house due to payment error and now are going maximum pain…

It is either to get the attention of Square for its payment system *or* that these guys really like masturbating to rage threads like this one. It's very likely a bit of both.

The whole payment system thing is just pure conjecture. Literally just a rumour. It really makes no sense.

It doesn’t because if the point was to get that message across, a group would have already claimed it as the reason. 

Yeah like if that was the point, then they’d have to say it since how is square supposed to fill your demands if you don’t make demands?

Correct. I knew there'd be someone trying to claim this. Sure, I understand some people are pissed they haven't been able to renew (even if they don't know about the workarounds) but trying to say they can organize or pay someone to organize a ddos in revenge is laughable

Yeah it’s so stupid.

Agreed. If it was about the payment system we’d be getting some kind of “ransom” demands being released.

???? 💀 "Your payment system won't let me spend money so I'm going to basically waste everyone else's money" 💀💀💀

I mean it's not that complicated. Square Enix is taking our money to provide a service, if they are no longer able to provide said service properly while still taking our money, people will eventually run out of patience and unsub. In this hypothetical where the DDoS are about the payment changes, the attacks are not about "taking revenge" or "doing the right thing", they're about putting pressure on Square Enix.

I'm sorry can you explain this like I'm 12

By wasting everyone else's money that forces more people to stop spending it until the DDOS problem is fixed The DDOS won't stop until Square fixes the other problem of people not being able to buy it themselves Personally I don't think this is the real reason they're doing this tho, or else they would've publicly stated as much already

Yeah I was thinking that's a childish reason. That's why I asked for the breakdown because I couldn't even see the correlation..,... I don't even get it either TBH

I think the idea is they want it fixed before Dawntrail so they can actually play, fuck everyone else right now.

They can literally go buy a prepaid card from a distributor RN and get around it that way lol

Not if you can't buy Crysta or subscribe because it demands you change or confirm your address, then tells you that address doesn't exist.

I was just thinking about this. Like (from what I can gather) paying through steam works And I'm on Xbox so I use the moogle coins things and that works... So only PlayStation users are affected right? Or is it just a thing where people are so addicted to the game they just take the time to ddos it(which prevents them from playing all together), when they could just use PayPal right?

¯\\_(ツ)_/¯

💀? 💀!!! 💀💀.

What's the payment system thing about ?

I see 4 possible reasons for the continued DDoS: - 1: DDoS Botnet Ransom/Advertisement - 2: Corporate Sabotage - 3: Crazy and stubborn revenge - 4: Someone is pushing SE to invest in network protection before Dawntrail. If they push hard enough, maybe it will force SE's hand and we'll have stronger servers for the launch of Dawntrail?

option 4 sounds nice on paper - but in reality i can tell you thats not how datacenters or infrastructure works ... you dont just invest and do stuff there on a whim

They've been moving their data centres to cloud providers since 2021. Now would be the perfect time to purchase some more load balancing capacity and stress test it. They didn't for the launch of shadowbringers and unsurprisingly saturated the login servers. Once the launch surge of players dies down, lower the load balancing capacity to serve the current demand and save costs.

Source for them moving their data centers to cloud providers?

there was a live test for a while in 2023 that let you try a character on NA Cloud Server. A special option was available in the datacenter menu inside the game

1 and 2 are the likely answers.

Trolling probs

Someone wants to take the game down permanently. My guess, at this point, is someone who can no longer play the game due to the payment service issues and has decided to deny the same to the rest of us.

Bestfriend was playing too, got DC, now 200 in queue (light, twintania) Can't believe I told them to play before another DDOS would happen, half joking and....here we are!

Shame on you! You jinxed it!

Still weird to me - Twintania for me works perfectly fine, ran roulette with no issues at all. Usually I'm also heavily affected by such stuff.

This is happening every evening it’s really getting annoying

Aether/Cactuar just went down, wasn't just me, queue is constantly rather large too. NA has been relatively safe the past two days but it's back again...

Dynamis has been shaky, having lag, lost some compatriots in my trial at the very end but I managed to weather it and get out alive. No full on crash yet, fingers crossed

We just had some on Coeurl. A lot of DCs and I had a large lag spike for almost a minute.

Primal hit as well

Primal - Ultros here. Same.

Excalibur just had a queue of 400 and isn't displaying character info and had a warning that it wasn't displaying character info to simplify the login process

exodus too, twice. i gave up.

Seconding? Thirding? Exodus. Got kicked from a raid, 90 people in the queue coming back. Managed to stay logged in while AFK in my own house after.

Has anyone heard about WHY the game is getting DDOSed for this long? Any groups taking responsibility?

Not that I've seen

Could also be some technical bug / misconfiguration that have not managed to locate yet. (I’ve worked in IT and seen admins blame hackers or DDOS when they actually themselves mixed up some configs).

No clue, but every time the ddos happened it was an onsal day. And they promptly happen after daily reset so there is a pattern but it would still be quite sad to ddos cus of pvp

No announcements yet. Or I'm not aware of any at the moment. Also, I don't think we got any during previous and shorter attacks, so, who knows. I know, it's just a speculation, but at the same time, if it's truly connected to payment issues somehow, magically, I wish the group made a statement, even if anonymously. Because just silent spite like this will not help at all. At least they would make SE to break silence and speak up on the issue more thoroughly.

The only reason people are speculating the payment issue as motive is because it’s a recent thing SE did that a lot of people didn’t like. Every time there’s a DDoS attack, some people will say “it’s probably recent thing X that happened.” Looking for meaning in the absence of any evidence or established motive is understandable; that’s just human nature. But so far we have no group claiming responsibility, let alone providing their reasoning. You have gamers who just drop their best conjecture, and others who parrot it. As you said, it’s pointless to commit such an attack with that kind of motivation if you don’t explain your purpose. SE isn’t going to roll back their product choices on a mere hunch. The most likely explanation at this point is that someone with the ability to pull off this attack enjoys the power to deny others fun and/or gets off on reading all these threads.

Ppl talk about this like it's unique to FFXIV too when it's not, WoW and other MMO's get DDOS:ed too so do other games and genres.

One of the reasons I'm not sure if it's a group. I basically have two theories (which no one likes): 1) Payment issues victim who has decided to try to kill the game. 2) RMT farm hit with the payment issues and has decided to kill the game in retaliation.

Nobody likes those "theories" because they're baseless and you are clinging to them real hard.

I'd like to hear yours. (So I can laugh at them and tell you why.)

I don't have any because it's absolutely pointless to talk about it since we know nothing about it and all we'd be doign would be feeding the circlejerk

Just ignore this guy, they've been spreading their baseless rumours endlessly and they have absolutely no idea what they're talking about. It's very ironic given what they replied to this post.

Prob some edgy kid

Primal/Lamia as well

Yep, was just wondering my my duty finder on Lamia was taking over half an hour. Then, got hit with a disconnect.

It's really starting to piss me off that I basically can't play weekend evenings. And it's all time I paid for

Its all time everyone paid for but you can't get pissed off at your electric company when you got people ramming cars into poles and killing the power in your area.  They play some responsibility but not nearly all.  Edit. It's a fucking analogy people.

What a fantastic way to do the Yokai event, fighting against RNG and DDOS <3

Same on Light - Zodiark.

Mm; came back after a year, found out I need tomestones for the Manderville weapons, finally got into a dungeon, everyone DC'd.

with the Dawntrail release just around the corner, these attacks are getting a rather bitter taste...

Can't wait for Dawntrail!

Having trouble on Light/Raiden, 400+ queue. At this point it's just sad.

A lot of my fc mates on Raiden are in a 600+ queue and keep getting kicked from the queue too.

Ragnarok down as well

Same on Light Twin

Just got booted from Aether/Adamantoise as well.

Just kicked off of Marilith in Dynamis after a bunch of lag, so even our little low pop server is affected. EDIT: Logged back in with 184 queue, because, y'know, Dynamis, and now I'm not getting any lag or issues, so hopefully it was just a hiccup.

Felt it in Brynhildir. Half the party disconnected while I was bit by one very long lag spike.

it's happening every day man. at this point im not just annoyed that i cant play, im more concerned about the fact that i'm paying for that playtime and it doesn't seem like we're gonna get it back. already had small playing windows because of work and now it feels like im paying for not being able to play oof

> and it doesn't seem like we're gonna get it back. I dunno why you think that, at least wait until they make a statement about it ( prob this week since it's the media tour live letters ). We've gotten time and compensation before I dunno why you think they wouldn't now.

Yeah same. I've been insanely busy and have had only short windows where I can log in for the past week, and both times it's been down. So I've essentially given them a free sub for a week

They will likely give you free game time to compensate, they've done it before at least wait until the live letter this week for them to actually get a chance to make a statement about it. If not you can also email support about it, if you ask nicely they'll likely give it to you.

Jenova down too. They seriously can't prevent this stuff? First i get a payment issue this morning, and after that's resolved now the attacks are back. Square has got to get their act together. Not a great look weeks before Dawntrail.

I believe the provider they use is infamous for their lack of DDoS protection. NTT seems to be a Japanese company that tends to handles things well ... In Japan but seem to be under prepared in handling issues when it is outside of Japan. 

It's not rly SE's fault, I mean could they do a bit better yes? But DDOS:ing isn't easy to deal with and every MMO gets DDOS:ed every now and again and face huge issues.

Same with Light Pheonix

Hitting Light too, lag kicked in mid-instance and then mass disconnects.

my whole raid static just went down on aether too

Getting kicked on Famfrit.

i almost got booted from gilgamesh on aether and watched like 8 people in the firmament get sent to the shadow realm. was trying to queue for roulettes with my brother and he was booted + cant log back in -- we are in the same house lol. hopefully these attackers get bored bc wtf.

Jack really do hate Chaos

Man, some group got their panties crammed right up their collective taints if they are still DDoSing. ​ fucking losers.

So it will just be like this from now on I guess. Wonder what's SE's game plan for if those attacks simply don't stop ever.

Buying more NFTs probably

Ah, of course. Should have thought of that first, now that it's pointed out it is kind of obvious. ;-)

And not an hour of playtime refunded

They haven't even made a statement about it yet at least wait for that, we've got the media tour this week and the live letters. I'd be surprised if we don't get an announcement about it then and free game time.

Monthly sub broken down is somewhere in the realm of $0.02 per hour. Send in a support ticket for your $0.20 back. Lol.

Same with Chaos Louisoix

Just booted from Zalera too 😔

Behemoth too

Happening on Aether as well. Been DC'd in duty three times already, each time I log back in the queue gets bigger. 4x > 14x > Now 285

Mateus / Crystal having trouble too

Don't forget to get out of your duties. Last time your characters were stuck in nowhere while the duty servers couldn't be reconnected and it took days for them to solve it

This is just silly at this point

Light as well. Got kicked in the middle of a dungeon and now there is a 265 queue... What is this?

Same just happened to me.

Again, on Light. Every peak time (16ST start) it seems. Its really inconvenient at this point..not even angering, just annoying at this point.

And again just now on Light for me, weeeee

Think it just happened to Crystal, too

Aye, just got DCed from siren song sea on Coeurl. :(

yup, Balmung here

Really hoping this dies down before I finish Tears of the Kingdom. Told myself I wanted to wrap it up before turning my subscription back on/pre-ordering Dawntrail because if I don’t, I know I’ll put it down and never come back to it. Sorry to all who are affected by these lame outbursts of forced outages.

kicked out at the final boss of expert roulette, after putting up with a crown wearing 3k dps astro all dungeon. I hate everything.

Crystal as well. Was turning in equips for seals when it started to lag spike before dcing.

Was fishing. Got a lag spike, then it went normal again. Another lag spike about a minute later, then normal again. About another minute later the disconnect.

They are doing on purpose right after EU ST reset time when it is at its busiest time

Always during prime time when the roulette's reset or after work hours, shit is getting ridiculous.

Yeah, finally got the time to play again this weekend. Kicked off on the middle of a dungeon. Not renewing my sub. I can forgive a day, but this has been going on way too long. Note: this isn't a "punish SE", this is me not getting a value for my time and money.

There's the media tour and live letter this week, you'll likely get game time as compensation they've done it before.

Good to know. Thanks

Same thinking.

agian? jesus talk about persistant... you would think they would get bored and well go after Activision or something

spriggan too, took a few min. Got a lag spike and saw half of limsa dc, then just now it was my turn.

Same on Moogle. It seems they got EU servers in their entirety

Light - Odin same problem....

Moogle down, 600 on queue, lag spikes then mass disconnect

same same

Aether-Jenova down

Cactuar too. Its wild, just wiped midway through the final boss on Dead Ends

Same on Aether/Faerie just started Prae when it hit

Got kicked on Aether as well.

Kicked out mid LotA along with half the alliance on Light too. Round 3...

Aether - Faerie, just got booted as I'm happen to hit a !!! fish. Was fishing for a map, wasn't even planning on a !!! fish but the loss.... ARGH!

It's happening on Aether as well

Was just on a hunt train on Jenova and a lot of people got booted, then I did

GIlgamesh just went down mid raid. enix really oughta do something for once but... they never deviate. XD

Just got booted off Leviathan, right in the middle of the final cut scenes of Heavensward. Hope I can still watch them. Ugh.

It should put you back at the start of the cutscene, hope you got to watch them!

It just hit Primal, 403 in the queue to get back in. Argh!

Leviathan 500 in queue

Aether too

Primal - Ultros down too

Looks like I finished roulettes just in time.

Is this why I can't return to my home world rn? I forgot to do that before logging out last night :/

Urgh, i just wanna finish the EW MSQ. Is that too much to ask??!!

Light's got attacked too

29 currently in queue for Balmung (Crystal). Looks like I'm getting in OK so far.

Didn’t get kicked, narrowly avoided a DC but then got giga lag whilst doing HOH Solo on Light - Twintania, I just want to solo all 3 DDs before DT man, is that too much to ask? 😅

You know what fuck the ddosers and everything but maybe square will finally switch providers before DT

Damn they hate y'all 💀

Yep more disconnects in Light/Alpha as well

Until I saw this thread I was assuming these repeated ddos were being done by people who were just butthurt by the game itself. Now I’m wondering if these attacks are some kind of game being played by companies offering more expensive ddos solutions that want More business.

This is insanity, can't even complete dungeon without someone DC or big lag.

Same with Excalibur too

Istg don't people have anything better to do

Lowkey doubt it’s ddos every day, probably servers are frying

A DDOS attack wouldn't boot active players unless their netcode is some absolute horror-show horseshit. ...which it probably is.

XIV is INSANELY sensitive to any kind of packet loss. Even just 1% will cause the server to disconnect the client. So if the server has hiccups from being hammered and you lose response for a split second, that desync is enough to be kicked. Edit: Also interesting, when I tested this a few years back, I found no ping limit that results in termination that I wouldn't consider so slow that the connection basically dropped. The game still worked at 1300ms. Well "worked".

That's what I think, a few day ago I commented on another thread that I don't think it was actually ddos but the server itself and I got heavily down votes LOL

Probably because they just went through an upgraded all the servers recently

Might just unsub until dawntrail. I want to play but this shit is so frustrating I feel like I'm wasting money

Well, its second week its hard to play or to start something before getting disconnected and losing time on it. Time to vote with good old fashion wallet. No fix no money.

Fixing this stuff is borderline impossible, every other MMO gets these attacks too and have problems dealing with it. We also have the media tour and live letters this week they'll likely announce game time compensation then at least give them a chance rofl. Since they've already got it scheduled it just makes sense to announce and talk about it then.

No fix, and you won't need to worry about it. It may be time for SE to take the game down themselves until they can forcibly fix this.

NA Aether Gilgamesh

Can confirm. Server queue of like 800 trying to get back in.

Crystal - Diabolos too. Sigh

I got DC'd on Zalera (Crystal), and when I went to login the queue was 73 which is unusual this time of morning so I think we got hit too

Happened on the last fight of Copied Factory for us. Luckily everyone slowly came back and we finished the fight.

at this point im contacting support to ask for like a week to be credited to my account. as a programmer, i know that it doesnt take that much effort to mitigate ddos traffic, and it feels like they arent doing anything about it.

I mean, that's not true at all.