-
Notifications
You must be signed in to change notification settings - Fork 51
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #1154 from taptap/refactor-tds-hk-docs
refactor: 重构 TDS HK 目录结构
- Loading branch information
Showing
555 changed files
with
135,594 additions
and
67 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
File renamed without changes.
File renamed without changes.
File renamed without changes.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,76 @@ | ||
| --- | ||
| title: TapTap is an AWS software partner for global game developers | ||
| slug: /aws-partner/ | ||
| --- | ||
|
|
||
| import useBaseUrl from "@docusaurus/useBaseUrl"; | ||
|
|
||
| TapTap—China's active mobile game community—has officially become Amazon's software partner. The two parties will aggregate each other's technology and publishing capabilities, starting from 0, to help developers going overseas to solve the problem of early going overseas, reduce developers costs, and provide overseas games more comprehensive support. | ||
|
|
||
| TapTap is a zero-commission app store that lets gamers download gaming applications onto Android mobile phone while content providers are able to take 100% revenue. Meanwhile, TapTap has a robust community of developers and gamers that safely use the application. Since TapTap includes a community of developers that can add their apps to the platform, multiple versions of the same game can be found like TapTap PUBG. | ||
|
|
||
| <p style={{ textAlign: "center" }}> | ||
| <img | ||
| src={useBaseUrl("/img/aws/taptap.png")} | ||
| alt="TapTap" | ||
| style={{ width: "100%", maxWidth: "300px" }} | ||
| /> | ||
| </p> | ||
|
|
||
| TapTap is trying to remodel the 30% revenue cut taken by Apple’s App Store and Google Play — announcing a 0% revenue share with game developers. After two years of exploration and development, TapTap International has users in more than 170 countries (regions). In April this year, the new version of TapTap International was launched, serving overseas players with a new look and exciting functions. TapTap Developer Service (TDS) is also gradually opening more functions in the international version to provide support for overseas developers and domestic overseas manufacturers. | ||
|
|
||
| <p style={{ textAlign: "center" }}> | ||
| <img | ||
| src={useBaseUrl("/img/aws/aws.png")} | ||
| alt="AWS Partner Network" | ||
| style={{ width: "100%", maxWidth: "300px" }} | ||
| /> | ||
| </p> | ||
|
|
||
| AWS helps TapTap International Edition to provide Amazon Web Services Cloudfront, Amazon EC2, Amazon RDS, and other services, and the global cloud infrastructure provides support for TapTap International Edition. As the pioneer and leader of cloud computing, AWS provides more than 200 full-featured cloud computing services around the world. AWS provide almost unlimited scalability, so we can scale our application automatically as we continue to grow and add new customers. | ||
|
|
||
| Through cooperation with AWS, Taptap has upgraded the underlying architecture, improved the security of the architecture, expanded international delivery capabilities, and improved the experience of gamers and developers. | ||
|
|
||
| <p style={{ textAlign: "center" }}> | ||
| <img | ||
| src={useBaseUrl("/img/aws/architecture.png")} | ||
| alt="" | ||
| style={{ width: "100%", maxWidth: "600px" }} | ||
| /> | ||
| </p> | ||
|
|
||
| Up to now, a number of games such as "Sausage Man" and "Flash Party" have completed the whole process of publishing, testing and launching through the TapTap international version. In addition, TapTap's unique community system also brings novel and effective operation methods for the game's overseas platform distribution. TapTap International's "Sausage Man" launched in July 2021. Its game forum has gathered more than 1.4 million players and published nearly 3,000 discussion posts. Developers hold various activities in the community to enhance user stickiness and retention. | ||
|
|
||
| Benefiting from TapTap's zero-commission business model, well-known game developers such as Epic Games have also partnered with TapTap. The worldwide popular Fortnite is now officially exclusive to TapTap, offering download, installation and forum services. Currently, Fortnite has recorded over 10 million downloads on TapTap. | ||
|
|
||
| <p style={{ textAlign: "center" }}> | ||
| <img | ||
| src={useBaseUrl("/img/aws/sausage-man.png")} | ||
| alt="Sausage Man" | ||
| style={{ width: "100%", maxWidth: "600px" }} | ||
| /> | ||
| </p> | ||
|
|
||
| According to XD’s financial report in 2021, the MAU of the TapTap international version has grown to 12.24 million, and it still maintains a high growth rate. Based on tens of millions of MAUs, in addition to the basic distribution capabilities, TapTap has the ability to provide more platform-based one-stop services for domestic developers going overseas. For example, "bonfire testing" or "beta testing" can help developers acquire seed users and provide a sufficient and diverse population for each level of testing. Users help developers tune the game through the mechanism of community feedback and grow in testing. For global testing, developers generally cannot easily open Google and iOS stores in key countries such as the United States, Germany and France during the testing period. Only some small-volume countries such as the Philippines, Canada, etc. can be opened for testing. With the help of TapTap, we can introduce more users from core countries, especially users in Tier-1 countries. The number of users in TapTap international is quite stable, which help developer solve the problem of user volume during the test period. In global testing process, advertising purchases are often limited by the insufficient cold start speed and the small purchase area. It is difficult to import sufficient number of users on the test day or the next day. | ||
|
|
||
| <figure style={{ textAlign: "center" }}> | ||
| <img | ||
| src={useBaseUrl("/img/aws/pubg.png")} | ||
| alt="PUBG: NEW STATE" | ||
| style={{ width: "100%", maxWidth: "600px" }} | ||
| /> | ||
| <figcaption> | ||
| PUBG: NEW STATE open second alpha test TapTap International | ||
| </figcaption> | ||
| </figure> | ||
|
|
||
| TapTap Developer Service (TDS) is releasing its service capabilities for TapTap international developers after repeated verifications in China. Taking the first batch of “Flash Party” that received a version number this year as an example, the game launched on “TapTap International” in February 2022, and access the TapTap Developer Service (TDS) Tap Login, friend system, embedded community and other functions open up the social system for "Flash Party", which is convenient for players to exchange games and view strategies. At the same time, various operational activities can directly reach players in the game, improving player retention and duration. | ||
|
|
||
| <figure style={{ textAlign: "center" }}> | ||
| <img | ||
| src={useBaseUrl("/img/aws/flash-party.png")} | ||
| alt="Flash Party" | ||
| style={{ width: "100%", maxWidth: "600px" }} | ||
| /> | ||
| <figcaption>Flash Party Moments</figcaption> | ||
| </figure> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,113 @@ | ||
| --- | ||
| title: 开发者应对 DDoS 攻击问题的指引文档 | ||
| --- | ||
|
|
||
| <head> | ||
| <meta name="robots" content="noindex" /> | ||
| </head> | ||
|
|
||
| import useBaseUrl from '@docusaurus/useBaseUrl'; | ||
|
|
||
| 亲爱的开发者伙伴们, | ||
|
|
||
| TapTap 从解决社区入驻开发者所面临游戏运营困难的角度出发,在司法机关的指导下,联合上海多家头部游戏研发企业发起成立了「反网络黑灰产联盟」(以下简称「联盟」),旨在协助开发者有效处置恶意注册、侵犯知识产权、恶意评论、高技术侵害等网络黑灰产问题,其中 DDoS 攻击问题成为了 TapTap 现阶段的重点工作之一。 | ||
|
|
||
| 近期,TapTap 依托联盟的力量,为了让开发者在面对 DDoS 攻击威胁时能够从容应对。TapTap 结合自身经验,并且总结曾受 DDoS 攻击开发者的实际案例,形成了一套具有实操作用的指引手册。 | ||
|
|
||
| ## DDoS 攻击问题应对指引 | ||
|
|
||
| ### 攻击前准备 | ||
|
|
||
| * 提高运营安全意识 | ||
|
|
||
| - 充分重视 DDoS 攻击威胁,将抵抗 DDoS 攻击纳入安全保障考量,尤其是新游上线或重大更新等时间段。 | ||
|
|
||
| - 做好真实 IP 保护工作,切勿随意将真实 IP 信息露出。 | ||
|
|
||
| * 防护准备 | ||
|
|
||
| - 提前与云服务商沟通防护措施,有条件的可以提前接入高防,为抵抗潜在 DDoS 攻击做好准备。 | ||
|
|
||
| ### 攻击中应对 | ||
|
|
||
| * 巧妙应对勒索 | ||
|
|
||
| - 尝试从议价等角度入手,尽可能与勒索者周旋,套取更多证据信息,同时为开启防护争取时间。 | ||
| - 不建议支付钱款,攻击威胁并不会因为钱款的支付而停止或消失。 | ||
|
|
||
| * 开启防护 | ||
|
|
||
| - 尽快接入/打开高防服务(注意为业务分配新 IP 作为防 DDoS 服务的回源 IP,详见附文[如何应对 DDoS 攻击·应对策略](#应对策略) | ||
|
|
||
| * 证据留存 | ||
|
|
||
| - 受攻击时段的日志记录(体现异常流量)。 | ||
| - 勒索者身份关联信息(QQ号、银行账号、IP等)。 | ||
| - 抵抗攻击成本(高防成本、技术抵抗成本等)。 | ||
| - 对游戏造成的损害(负面评价、评分降低、用户流失、收入损失等)。 | ||
|
|
||
| ### 攻击后处置 | ||
|
|
||
| * 证据同步 | ||
|
|
||
| - 将收集到的所有证据同步「反网络黑灰产联盟」(我们将严格保密,在记录、比对和分析后提交司法机关进行进一步处置)。 | ||
|
|
||
| * 提升防护 | ||
|
|
||
| - 结合自身情况尽可能提升防护能力,以应对后续可能出现的 DDoS 攻击问题。 | ||
|
|
||
| 如果你的游戏遭遇到了 DDoS 攻击与勒索,请不要慌张,尽快通过邮箱与我们取得联系。 | ||
|
|
||
| **联系方式:[email protected]** | ||
|
|
||
| **联盟公众号:** | ||
|
|
||
|  | ||
|
|
||
| ## 附文:如何应对 DDoS 攻击 | ||
|
|
||
| ### 什么是 DDoS 攻击? | ||
|
|
||
| DDoS (Distributed Denial-of-Service) 攻击是指攻击者通过利用大量被恶意软件感染的计算机、软件的缺陷、互联网协议的弱点等,使得被攻击对象因为从不同来源收到大量非正常流量,从而导致大部分业务流量无法被正常处理。 | ||
|
|
||
| 由于网络协议由多层组成,业务流量要能从用户端到达游戏的服务器并被处理,需要各层都能正常工作,包括交换机、路由器、网卡、服务器等各种软硬件。只要其中任何一环失败,就能达成攻击者的目的。所以很多时候 DDoS 的效果并不会直接反映在服务器的负载上。不同的攻击也需要不同的方式应对。 | ||
|
|
||
| ### 被攻击时会发生什么? | ||
|
|
||
| 通常来说,当机房或云服务商检测到有个别租户被大量恶意流量攻击时,为了保护其他租户不受影响,会修改路由表把目标为被攻击 IP 地址的流量都路由到一个「黑洞」,也就是丢掉这些流量。这时用户就无法正常访问服务了。 | ||
|
|
||
| 如果是针对 HTTP 等应用层协议的攻击,可能会导致业务服务器负载过高,从而服务无法访问。 | ||
|
|
||
| ### 应对策略 | ||
|
|
||
| 如果受到的是应用层攻击(比如 http/https 流量,表现为业务服务器或反向代理负载显著升高),接入云服务商提供的应用层防火墙(WAF,Web Application Firewall)能起到抗攻击的作用。但从过去的情况看,游戏受到的大部分是更低层的攻击,所以以下重点讨论更常见的情况。 | ||
|
|
||
| 被攻击时成本最低也能最快完成的方案是换 IP。也就是为服务器分配一个新的 IP,把老的 IP 去掉,然后把域名指向新的 IP。但这多半不能解决问题,因为攻击者发现域名解析变了之后会开始攻击新的 IP。而因为操作快、成本低,可以先尝试,以尽量减少服务不可用的时间。在少数情况下,攻击者是针对 IP 而不是域名进行攻击,可能就彻底解决了(比如你并不是攻击目标,而是被误伤的情况)。 | ||
|
|
||
| 通常来说能持续有效的方式是接入高防服务。防 DDoS 攻击的难点是把攻击流量和业务流量区分开,高防服务提供的流量清洗就是用专业的设备和机房来以比较高的准确率隔离攻击流量,让业务流量可以到达业务服务器。各大型云服务商均会提供防 DDoS 攻击服务,也有专门提供这类服务的公司。 | ||
|
|
||
| 通常来说,攻击者会找到业务域名对应的 IP,对此 IP 发起攻击: | ||
|
|
||
| <img src= {useBaseUrl('/img/c6b28cdf6277fa5c8d7fa754ac037c40.png')} alt="" width="500" height="300"/> | ||
|
|
||
| 需要注意的是,简单地启用防 DDoS 服务,并把原 IP 作为回源 IP 是起不到任何作用的,因为攻击者已经知道原 IP,会对它进行持续攻击。 | ||
|
|
||
| <img src= {useBaseUrl('https://img.tapimg.com/market/images/d7d674160e6c5709485730996fd0fc13.png')} alt="" width="700" height="300"/> | ||
|
|
||
| 正确地做法是为业务分配新的 IP 作为防 DDoS 服务的回源 IP(新分配的 IP 不要在任何地方公布,也不要用任何域名指向它),把业务域名指向高防 IP,并把原 IP 从业务服务器解绑。 | ||
|
|
||
| :::caution | ||
|
|
||
| #### 更安全的配置 | ||
|
|
||
| 业务服务器应该设置可信的上游 IP,对其他不可行来源 IP 都设置丢弃数据包,否则攻击者还是有可能扫到业务服务 IP 的。 | ||
|
|
||
| 对 HTTPS/TLS 服务,要对 SNI 做相关配置 ,避免处理客户端流量,而是需要经过可信高防回源/代理 IP 才提供服务和作出响应。 | ||
|
|
||
| 对非 HTTPS/TLS 服务,也要严格设置可信上游,丢弃所有非可信上游来源流量,保证自己不会被攻击者认为业务服务 IP 是游戏的源站 IP。 | ||
|
|
||
| ::: | ||
|
|
||
| <img src= {useBaseUrl('https://img.tapimg.com/market/images/663b5c9346ad4f6356bde3901d290c19.png')} alt="" width="700" height="300"/> | ||
|
|
||
| 在国内,由于防 DDoS 服务价格较为昂贵,另外流量会经过额外的环节而增加网络延迟,通常只会在受到攻击时,和在开服或上榜等可能被攻击的时间点前接入此类服务。因为临时接入高防需要时间,建议如果能预期到在特定时间点被攻击的可能性较大,就提前接入避免服务中断产生损失。在国外可以选用 Cloudflare 等自带 DDoS mitigation 功能的动态 CDN 来同时达到降低网络延迟和常态防 DDoS 的效果。 |
Oops, something went wrong.