It's Time for Answers on these "DDoS" Issues

[Kanehana]

I'm not sure people here in this thread actually understand how hard it is for a company like SE (or any company) to do anything against a DDoS attack. Technically, there isn't one single person, or group of people doing this. It's thousands, even tens of thousands of malware infected computers flooding traffic in a server or datacenter, constantly hitting that server/datacenter with pings and login attempts for a period of time. It's called a botnet. Sure, there's probably one, maybe a few actual people behind that botnet, but trying to find who's controlling thousands upon thousands of PCs in this botnet is virtually impossible.

It takes government-level investigation and time to actually find out who created the botnet and prosecute the individual(s) involved. Furthermore, if it's a botnet for hire like Rapperbot (which only recently saw action taken against its creator by authorities earlier this year), then that means ANYONE on the world wide web with money, probably bitcoin to help hide paper trails, can hire it.

Finally, we don't know if it's hitting servers specific to SE, FFXIV, or hitting just general ISP servers that SE happens to be using. The level of misdirection is simple, but the result, as you can see, is pretty effective.

Are there steps SE can take? Yes and no. Yes, in that they can probably take security steps to ensure each and every IP trying to access their servers are bonified users. However, that's a level of scanning that will slow down the login process even further, and still might not do anything against an attack. And that's if it's even their servers being attacked, and not a different level of traffic owned by someone else like some broadband company who doesn't give two squats how frequently our game is being interrupted by DDoS attacks.

TL;DR version: It's a simple method of attack, way more complicated than people realize to combat.

The intention of your message is good, but I'm very certain that the main point of this thread (and all the other threads mentioning the DDoS attacks) is that this situation (the sheer frequency of DDoS recently) is getting really out of hand (very awful for hardcore players obviously, but even for casual players like me, this is kind of unprecedented.) I don't really understand what's going on under the hood of this car, but consumers like you and I are not going to be able to do anything just by armchair engineering at each other here :'c At least here is the best chance we can get to be seen, though.

[Supersnow845]

I'm not sure people here in this thread actually understand how hard it is for a company like SE (or any company) to do anything against a DDoS attack. Technically, there isn't one single person, or group of people doing this. It's thousands, even tens of thousands of malware infected computers flooding traffic in a server or datacenter, constantly hitting that server/datacenter with pings and login attempts for a period of time. It's called a botnet. Sure, there's probably one, maybe a few actual people behind that botnet, but trying to find who's controlling thousands upon thousands of PCs in this botnet is virtually impossible.

It takes government-level investigation and time to actually find out who created the botnet and prosecute the individual(s) involved. Furthermore, if it's a botnet for hire like Rapperbot (which only recently saw action taken against its creator by authorities earlier this year), then that means ANYONE on the world wide web with money, probably bitcoin to help hide paper trails, can hire it.

Finally, we don't know if it's hitting servers specific to SE, FFXIV, or hitting just general ISP servers that SE happens to be using. The level of misdirection is simple, but the result, as you can see, is pretty effective.

Are there steps SE can take? Yes and no. Yes, in that they can probably take security steps to ensure each and every IP trying to access their servers are bonified users. However, that's a level of scanning that will slow down the login process even further, and still might not do anything against an attack. And that's if it's even their servers being attacked, and not a different level of traffic owned by someone else like some broadband company who doesn't give two squats how frequently our game is being interrupted by DDoS attacks.

TL;DR version: It's a simple method of attack, way more complicated than people realize to combat.

There comes a point where to the customer “you don’t really understand how complex it is” is no longer a valid argument and the NA servers have been unstable for almost 4 years now so we are long past that

If square had any sort of game plan I truly believe the community would give them the grace period to attempt to execute it, but we know nothing, this game already has a reputation like most eastern MMO’s for ignoring the western playerbase and now the NA playerbase feels completely abandoned with zero communication

Square got the grace of “DDOS’s are hard” for most of EW, they don’t get it for all of DT as well

[Siniztor]

Considering the last DDOS post by SE was the 18th and all the new ones are "Server equipment issue" DDOS isn't what is happening and I amongst others believe Se has been using DDOS as a blanket excuse and as you see now there admitting there Servers has equipment issues... So yea some more specific answers would be nice

[Shoganza]

I realize that if these are DDOS issues, it's not an easy fix, but the lack of any statement beyond the generic interruptions post on the Lodestone, or any assurance that Square is actively looking to minimize service disruptions has been extremely disheartening.

Yoshi gave a really promising presentation stating that rather than please 3 out of 10 players with targeted game content per patch, he wants to get in the habit of making 7 out of 10 different players excited to play the game per patch. I genuinely believe he means that, but DDOS/service disruptions mass kicking NA players is something that disproportionately affects some features of the game more than others. People can't prog without worrying about losing their progress in a disconnect. People can't solo deep dungeon without losing the floor they're on. People are losing crafting materials mid-craft. You can add wonderful variety to the game, but if people cannot play those features because of frequent interruptions, it's pointless.

I understand the perspective that addressing it might encourage further retaliation, but it's getting worse, and not better. If these server attacks are happening during a patch release and on a holiday where people in NA are more likely to log in, how do you think it will affect the health of the game when it happens during 8.0? There may not be a perfect or easy resolution, but we have to admit to ourselves that while it's not Square's fault if they're being targeted, they are providing a paid subscription service, and they need to try to minimize the damage for NA players however they can. If my power goes out, I expect my power provider to go investigate and resolve the issue. If we're paying to play FFXIV, Square needs to investigate and take actions to resolve the issue for as many players as they can.

I really want to see some sort of indication from Square that they're listening.

[Siniztor]

I realize that if these are DDOS issues, it's not an easy fix, but the lack of any statement beyond the generic interruptions post on the Lodestone, or any assurance that Square is actively looking to minimize service disruptions has been extremely disheartening.

Yoshi gave a really promising presentation stating that rather than please 3 out of 10 players with targeted game content per patch, he wants to get in the habit of making 7 out of 10 different players excited to play the game per patch. I genuinely believe he means that, but DDOS/service disruptions mass kicking NA players is something that disproportionately affects some features of the game more than others. People can't prog without worrying about losing their progress in a disconnect. People can't solo deep dungeon without losing the floor they're on. People are losing crafting materials mid-craft. You can add wonderful variety to the game, but if people cannot play those features because of frequent interruptions, it's pointless.

I understand the perspective that addressing it might encourage further retaliation, but it's getting worse, and not better. If these server attacks are happening during a patch release and on a holiday where people in NA are more likely to log in, how do you think it will affect the health of the game when it happens during 8.0? There may not be a perfect or easy resolution, but we have to admit to ourselves that while it's not Square's fault if they're being targeted, they are providing a paid subscription service, and they need to try to minimize the damage for NA players however they can. If my power goes out, I expect my power provider to go investigate and resolve the issue. If we're paying to play FFXIV, Square needs to investigate and take actions to resolve the issue for as many players as they can.

I really want to see some sort of indication from Square that they're listening.

If you check the last few recovery post it IS SE fault they have admitted that players are being kicked due to "Server equipment issue" This blanket excuse that its DDOS attacks is old as dirt. As other have posted its not just players disconnecting its framerates are crap but ping is fine.. Fact is SE keeps making the game so spec heavy there own servers can't handle it

[justineola]

Another disconnect at 2:15 PM ET.

[TwiceDamned]

And another just now at 3:15 PM EST.

Face it, facts are facts: However difficult it might be to actually do it, they need to DO IT. The future of the game is in question because of these attacks, no matter what the source of them are.

If it's what I think it is, it's SE's fault too. Really. The SE MMO community has been so married to RMT bullshit that actually stepping up and getting a spine can lead to these results.

[GardeniaResilia]

It's gotten so bad there are user-ran NA outage trackers on social media such as Blusky and Twitter/X.

Yesterday alone there were at least 4 counted, and it was Christmas Eve so there's usually less players online as they're spending time with family.

Today is Christmas Day, and we've already reached that number before 4pm EST. This is no longer acceptable.

[TwiceDamned]

I will however say that Christmas itself does bring an additional factor of bad-faith actors.

[Shoganza]

New cash shop glam, still no acknowledgement. It also kind of feels like the retainer bug they addressed in maintenance was a rarer phenomenon, but it's being made out to be a scapegoat on socials.

If the retainer crash issue was the root cause, it would have stopped after the emergency maintenance, and JP, EU and OCE would be banging on Square's door too. I don't think they intended for it to come across this way, but releasing a cash shop item before addressing widespread concerns about the stability of the game feels pretty disrespectful. At best, it's tone deaf.

I'm not sure what to believe anymore. In Endwalker, when population got to be an issue, didn't they deploy a cloud server contingency? It feels like they signed a lease on some cloud servers and didn't sign again when player numbers dropped. I hate assuming the worst, but without Square being transparent, it's very hard to assume the best. Interest in the game always starts to spike when the lead up to the next expansion begins, and they've just had a solid patch. There are also several hotly anticipated features in the pipeline for future patches (housing changes, Beastmaster etc). If this really is a case of not having lasting architecture to withstand increases in player counts combined with the usual suspects (as some DDOSing, bugs and ISP nonsense is unavoidable), then they can't afford to wait until people have resubbed/pre-ordered 8.0. If it gets out that server issues are making parts of the game virtually unplayable, they may lose some of those returning players, and content creators may start talking about the server issues instead of building hype for the next expansion.

I'm begging them not to fumble this.

There's a non-zero chance they're waiting until a PLL, but I don't think this can wait until the next one. That's going to hit in like March at best, and that's way too long to expect the community to endure without reassurance.