Is Square Enix DDoSing themselves or what ?

[Daeriion_Aeradiir]

Even if it's real "DDoS" the fact this is a problem for 4 months means your probably right, they are not fixing the problem and just let anyone DDoS without any defense since they are all doing NFT.

Chloe

DDoS is a multi-folded problem.

1) There's a reason that it still exists in this day and age, and that's simply because its one of the hardest techniques to defend against, purely because of its extremely easy ability to increase at scale (not to mention that more intricate DDoS attack methods continue to be created/refined as technology gets better). Even a tech giant like Microsoft suffers from actual downed service as a result of DDoS on the occasion, despite investing more money in it than FF14 ever hopes to generate in revenue. Back in May/June ish of 2023, Azure & Onedrive suffered one of the largest DDoS attacks in history that managed to actually crack their defenses for a short period before they were able to mitigate it. You think a company like Square can stop a DDoS that REALLY wants to take down their servers if a company a million times their size can't even fully guarantee protection? DDoS "Protection" is more about mitigating the effects of it rather than actually preventing it.

2) The ultimate equation, is it even worth it? Being blunt, consumers are short term memory creatures by far and large. There was another point in this game's history that it had frequent DDoS attacks, around 4.2 ish era. When they stopped, basically no one gave a care, FF14's reputation had zero dent, etc - Square doesn't really need to care about what people think of the DDoS unless it becomes a constantly happening all the time, long-term problem.

Then there's the investment issue - in the game's history, there's only been two instances the game has been hit with DDoS this hard - once back in the 4.2 ish era, and this current period. 2 major DDoS incidents in 7-ish years, with everything else being super minor incidents that barely last a day. Sinking that much money into preventing something that historically, has affected maybe 0.01% of their operation time is a colossal bad business decision when making a cheap, easy PR move of giving everyone a week of free days on their account is infinitely cheaper. The only time they'd really need to think about upping their investment in DDoS protection is if this current one becomes a long-term issue, which for all we know, may just peter out in the near future then FF14 won't have another major DDoS till 2031.

The harsh reality is Square is a business, and the downtime caused by these DDoS incidents on the grand scheme of their operating time are basically a rounding error. Unless you're a business that loses thousands of dollars a minute to any downtime whatsoever, intricate DDoS protection just isn't worth it as a cost.

3) As others have analyzed during these periods, half the time FF14 is getting DDoS'd, it isn't even FF14 servers itself, its one of the bigger NTT nodes in the region that a sizeable amount of traffic routes through when going to Sacremento, which Square has zero control over. Next time there's DDoS, try a VPN. If it's the node getting DDoS'd, a VPN can route around it.

Like many issues people love to meme and reductionist, DDoS isn't a simple issue with a simple solution.